Author: Wayne Rash / Source: eWEEK
NEWS ANALYSIS: Imagine a world where state-sponsored hackers team up with financial criminals to use ever more sophisticated tools to break in to your network and steal your data.
SAN JOSE, Calif.—Three members of the intelligence community, speaking on the keynote panel at the NetEvents Global Press and Analyst Summit here, agree that the security landscape today is rapidly becoming a scarier than ever.
That’s because today’s hackers have become more skilled and technologically reactive than what security professionals were used to dealing with in years past.
The most prevalent group of cyber-attackers are those motivated by financial gain, explained MK Palmore, supervisory Special Agent, and the Information Security Risk Management Executive for the Federal Bureau of Investigation’s San Francisco field office.
“They’re mostly males, 14 to 32 years old, have access to the dark web, and are able to operate in nearly complete anonymity,” Palmore said. He said that a group that’s nearly as big are hackers working on behalf of a nation state. What’s most concerning is that they’re teaming up. “We’re seeing a combination of financial and nation state actors forming super teams.”
This is a change from days when hackers operated in isolation, explained Dr. Ronald Layton, Deputy Assistant Director, U.S. Secret Service. “Now, these guys all know each other, they all are collaborative, and they communicate in Russian. “
Layton said that by working together, the groups are able to combine the virtually unlimited assets of a nation state with the sophistication of the best financial hackers.
The problem then becomes what to do about these new hackers? The first step, according to retired Deputy Director of the Department of Homeland Security and the founder of the Center for Information Security Awareness Michael Levin, is to train and educate the potential victim’s workforce. “So many of the hacks we see are the result of simple human error,” Levin explained.
Levin said that the source of those errors is primarily due to organizations that don’t want to take the time to tell their employees what they should or should not do. “How do we get them to not be lazy?” he wondered. “It’s time that we educate people to stop doing bad practices.”
Layton agreed. “We pay a lot of attention to what the bad guys will do to further their illicit game,” he…
Click here to read more
