#BSidesBelfast: Focus More on Common Attacks, Less on Zero-Days
Spend less energy focusing on advanced attacks and zero-days, as attacks remain the same and cybersecurity needs to focus more on producing and enabling better professionals.
Speaking in the opening keynote at BSides Belfast 2019, BH Consulting CEO Brian Honan said that, as we mark the 50th anniversary of the internet, we have to realize that whilst we were once unconnected, we now have huge dependency on the internet and this has led to economies and democracies being under attack. With the Cambridge Analytica case still in the mind, and with a UK election likely for December, Honan suspected that we will see more online influence.
Looking at cyber-attacks, Honan said that data suggests that we are seeing “more of the same,” as in the 1980s we were talking about viruses as the main threat, “and that is the same now, but we call it ransomware” – and business email compromise and ransomware have been around for years.
“Criminals use the same techniques as they work, and the biggest risk is the common run of the mill cyber-attack that is known to work,” he argued. “Attackers are not using zero-days and advanced cyber-attacks, they are using email and phones to break into companies.”
This has led to a culture of repeating the same mistakes over and over again, and we are not learning from them. Honan called for an end to “victim blaming” as if we “keep making the same mistakes, then there is an insecure future ahead.” He also called for more transparency into incident response reports, as too often investigations are not revealed.
Drawing comparisons with the aviation industry, Honan highlighted the frequent checks and tests on planes, and the fact that pilots need to be qualified and trained to fly, and “rigorous procedures” are followed. “However, we don’t do that in IT, as we launch things on the internet and hope they will work and if they don't, we fix the problem in the next release. You cannot do that at 10,000 feet.”
Concluding, Honan called for better collaboration as “business people demand better security” now, as we now talk to boards “and not geeks.
“Don’t stand alone, work outside industry and your community to fix problems, and make sure we embrace the business side and talk to them and continue hacking stuff to improve the systems we rely on,” he said.
Source: Information Security Magazine