Learning From Hackers To Protect Against Attacks

To protect against cyber-attacks, defenders need to take a page out of the book of the criminals and become as agile and innovative as the groups they're trying to protect against, according to a former head of GCHQ.

While serving as director general of GCHQ from 2014 to 2017, Robert Hannigan was at the heart of protecting the UK from a variety of threats, including those posed by malicious hackers. 

And when it comes to cyber defence, he told a London audience of security professionals, they can actually look at how hackers operate and apply some of the tactics they use to help improve security.

"I've spent a lot of time looking at these groups, looking at the new and ever more sophisticated attacks that they're developing, we have quite a lot to learn from these groups," said Hannigan, speaking at a security event hosted by Immersive Labs.

For cyber-criminal groups and underground communities on the dark web, speed is key to running a successful operation, especially when it comes to the use of zero-days and other advanced attacks where there can sometimes be just a short delay between their discovery, and software vendors being able to release security patches. 

"It's all about, can they get there quickly enough, hoover up enough cash to make it worthwhile before the security industry finally catch up with them. So agility and innovation and creativity are really key for them and what they prize above everything else," said Hannigan, who sits on Immersive Labs' advisory board.

While many businesses still look at university education and qualifications as an indicator of whether someone is suitable for a cyber security role, this doesn't apply on the Dark Web, here all individuals require to get involved in cybercrime is the skills to do the job; they don't need to produce the relevant paperwork to showcase what they can do.

"They've cracked the skills problem in their own way. They don't worry about qualifications, they don't ask for 2:1s in computer science or anything else for that matter," said Hannigan.

"They're interested in whether you can do a particular job and they can pull in those skills from around the internet in a classic criminal gig-economy sort of way. They're ahead of us on that".

The former GHCQ boss drew on an example seen on an underground forum where various dark web operators were discussing how to improve a form of ransomware.

"They're constantly thinking of new ways of doing it," he explained, and argued that security professionals should take the same approach in order to better protect systems and services from attackers.

"There's a challenge for us in industry to be a bit more agile, a bit more like cybercrime groups, although we do have to worry about the law, of course," he said.

ZDNet:

You Might Also Read:

Ex-GCHQ Boss: Nation State Cyber-Attacks Affect Everyone:

How Hackers Skipped Through BA’s Security

« AI Will Monitor 3D Printing
Japan’s Cyber Security Minister Admits He Just Doesn't Get It »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ComSec LLC

ComSec LLC

ComSec perform threat assessments to identify vulnerabilities and help protect businesses against corporate espionage via electronic eavesdropping.

Asavie

Asavie

Asavie provide solutions for Enterprise Mobility Management and secure IoT Connectivity.

NESEC

NESEC

NESEC is a specialist in information security consulting services and solutions.

SHIELD

SHIELD

SHIELD is an established end-to-end fraud management solution that blocks fraudulent activities such as account takeovers, fake accounts creation, fraudulent payments, loyalty fraud and more.

Asvin

Asvin

Asvin provides secure update management and delivery for Internet of Things - IoT Edge devices.

HackControl

HackControl

HackControl services include penetration tests, security audits, block chain audits and brand and anti-phishing protection.

Deepwatch

Deepwatch

The Deepwatch Platform helps organizations reduce risk through early and precise threat detection and remediation.

Marlabs

Marlabs

Marlabs is a Digital Technology Solutions company that helps companies adopt digital transformation using a comprehensive framework including Digital Automation, Enterprise Analytics and Security.

SHIELD

SHIELD

SHIELD are the world’s leading cybersecurity company specializing in cyber fraud and identity solutions.

DataSixth Security Consulting

DataSixth Security Consulting

DataSixth delivers Cybersecurity Intelligence. With our unique capabilities, we’re able to deliver value, deliver answers, and deliver actionable security intelligence.

Encova Insurance

Encova Insurance

Encova’s cyber liability coverage protects you and your customers in case of a security breach in your company's data.

Primus Institute of Technology

Primus Institute of Technology

At Primus Institute of Technology our mission is to inspire, support, and empower current and aspiring IT professionals through training and career development workshops.

ASPIA InfoTech

ASPIA InfoTech

ASPIA Infotech is a leading Information and cybersecurity organization focused on innovative approaches to avert targeted attacks.

Lineaje

Lineaje

Lineaje solves critical Software Supply Chain security problems faced by every organization that builds, uses or sells software.

Two99

Two99

Two99 provide tailored excellence in the areas of E-Commerce, Marketing, Consulting, and Cyber Security.

Sphinx

Sphinx

Sphinx provide advanced security consulting services and cyber solutions to federal and private industry.