Martin Rudd, CTO, Telesoft Technologies discusses a different take on how to combat the cyber threat.

With the lowest ratings since the show began, Season 10 of the Walking Dead seems a show that is in a gradual decline. But it wasn’t always like that; think back to the heyday of Season 1 and some of the moments and episodes that we saw.

There is one in particular which is inspiring a new kind of cybersecurity camouflage. Surrounded by zombies with nowhere to go, Rick Grimes and co. decide to drench themselves in ‘bits’ of the dead in order to disguise themselves and sneak through the crowds. Interestingly, this is the kind of precaution that forward-thinking security professionals are using to safeguard high-risk devices in the face of an ever-growing horde of cyber-ghouls looking to bring them down: blending in with the infected, rather than fighting back against everything shambling towards them.

Cyber attacks are becoming more conscious

As hackers and cybercriminals get ever smarter, they are beginning to use more sophisticated code within the attacks they generate in order to fine-tune their results. That has become a necessity when you consider the sheer, ever-growing number of connected devices being targeted in attacks.

Take, for example, the number of internet-enabled devices that the average tech-savvy professional may use in their day-to-day life. Even ten years ago it may have been a number viewed as only for pure tech-enthusiasts, but many people would now have a smartphone, tablet, laptop or PC, games console, smartwatch and even, in some cases, IoT-enabled fridges and washing machines. Recent research has shown that around 30% of UK residents have at least five IoT-enabled devices.

Then consider that these vectors can, in many cases, double in number when work devices are taken into account, especially if the person in question works within a technological field or with data. Even the most professionally run cybercriminal outfits have come to realise that they need to be more judicious with the devices they are choosing to spend time and resource in targeting.

In order to do this, some attacks are now being seen to carry code that stops them executing on previously infected devices; after all, there is no value in infecting something already compromised, or in having to sift through the results to realise it. This cuts down on the extraneous false positives that attackers would otherwise sift through and spend resource on attacking, when there may be no financial gain to be had.

The cover of darkness – triggering the kill switch

For as long as the cybersecurity industry has been active, the impetus has been to stop, block and tackle cyber attacks before they have a chance to inflict real damage. But there is a way to use the evolving strategy of the attackers themselves against them, by fooling the kill switches placed within their attacks.

Just as Rick Grimes and co. realised that they couldn’t lop the heads off every single zombie in an overrun Atlanta, CISOs are waking up to the fact that they often can’t defend against the huge number of ever-evolving attacks and exploits that are slowly advancing on their organisations. This is leading to a newer, high-risk school of thought: allowing some previously identified attacks through the net, where they can be halted merely by disguising devices as already having been infected.

The importance of threat intelligence and penetration testing

Of course, this relies on knowing just which attacks are utilising kill switches to not trigger when faced with a previously infected device; not an easy task by any stretch of the imagination and one that comes with a high degree of risk. Just as schemes in a post-apocalyptic world can often fall through if the smallest thing goes wrong, any plans of this nature need to be watertight.

Therefore, doing this – both at the identification stage and when implementing it on personal and business devices – relies heavily on a strong investment in expert threat intelligence and technical research, be it from the internal security team or outsourced. Threat intelligence through subscription services, as a particular sector, is predicted to rise by 22% between 2019 and 2025, with the entire industry surpassing a market value of $13 billion in that time too. So it is certainly something for organisations to consider as an integral part of their cyber strategy.
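As an added illustration (not code from the article or from Telesoft), the Python example below shows the gating this approach depends on: decoy infection markers are planted only when the intelligence behind them is lab-confirmed and recent, and an existing marker is reported rather than overwritten. The family labels, file paths, feed contents and 90-day freshness limit are all constructed assumptions.

```python
import os
import tempfile
from dataclasses import dataclass
from datetime import date, timedelta

@dataclass(frozen=True)
class Marker:
    family: str        # placeholder label, not a real malware family
    rel_path: str      # file a sample is reported to check before it executes
    verified_on: date  # last date analysts confirmed the check in a live sample
    confirmed: bool    # kill-switch behaviour reproduced in a lab

# Constructed threat-intelligence feed, for illustration only.
FEED = [
    Marker("EXAMPLE-FAMILY-A", "decoys/a.lock", date(2024, 1, 10), True),
    Marker("EXAMPLE-FAMILY-B", "decoys/b.lock", date(2023, 3, 1), True),
    Marker("EXAMPLE-FAMILY-C", "decoys/c.lock", date(2024, 1, 12), False),
]
MAX_AGE = timedelta(days=90)  # assumed freshness policy

def plan(feed, today):
    """Split the feed into markers to deploy and rejected ones with a reason."""
    deploy, reject = [], {}
    for m in feed:
        if not m.confirmed:
            reject[m.family] = "kill switch not reproduced in lab"
        elif today - m.verified_on > MAX_AGE:
            reject[m.family] = f"intel older than {MAX_AGE.days} days"
        else:
            deploy.append(m)
    return deploy, reject

def plant(root, deploy):
    """Create decoy files; return (newly planted, already present) families."""
    planted, present = [], []
    for m in deploy:
        path = os.path.join(root, m.rel_path)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        try:
            # O_EXCL never overwrites: an existing marker may be a real infection.
            os.close(os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o644))
            planted.append(m.family)
        except FileExistsError:
            present.append(m.family)
    return planted, present

def run_demo():
    with tempfile.TemporaryDirectory() as root:
        deploy, reject = plan(FEED, date(2024, 2, 1))
        return plant(root, deploy), plant(root, deploy), reject
```

A marker reported as already present on the first run of a host should be investigated as a possible genuine infection before it is treated as a decoy.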

It’s well worth remembering that ‘baked-in’ kill switches are a strategy that originally came from the threat intelligence and penetration testing industries, which used them when testing attacks as part of simulation tests against their defences. By installing these, the researchers could ensure they could stop the attacks if they began to enact real harm – as long as those exploring this method of cyber protection were well-versed in the technology and strategy in order to carry out the necessary checks, tests and implementation of a kill-switch-triggering strategy.

Another benefit to using experts from this sector is that, with this previous history of utilising kill switches, they have a degree more professionalism in the matter than criminals using the technique. Need an example of how even major implementations of kill switch strategy can go wrong? One of the most substantial cyber attacks in the last few years, WannaCry, was stopped dead in its tracks by a single 22-year-old security researcher, who uncovered a kill switch that was accidentally left in when the exploit went live. That isn’t the kind of mistake anyone on the defensive side of the cyber battle wants to be facing.

Embrace the walking dead

Every security article is couched in the fact that the attack vectors, numbers of devices and geographical reach of criminals are increasing year on year. It’s a fact that both the defenders and the attackers are aware of; that the scale of the area is off the charts compared to anything that we’ve seen beforehand.

Subsequently, it’s clear that you can’t always throw more money, more bandwidth, or more time at the problem; be it criminals or security professionals, that kind of growth is unsustainable. What is needed is a shift in strategy, a smarter way of tackling the myriad problems groaning for brains outside of a company’s gates. This is one such shift.

And if cyber criminals are looking to use threat intelligence strategy such as kill switches to save themselves resource, well, it seems only apt to explore turning those techniques against them through savvy investment into threat researchers to capitalise on the secrets of the attacks coming our way.


Post written by: Matt Brown

