Learning From Hackers To Protect Against Attacks

Uploaded on 2018-12-03 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

To protect against cyber-attacks, defenders need to take a page out of the book of the criminals and become as agile and innovative as the groups they're trying to protect against, according to a former head of GCHQ.

While serving as director general of GCHQ from 2014 to 2017, Robert Hannigan was at the heart of protecting the UK from a variety of threats, including those posed by malicious hackers. 

And when it comes to cyber defence, he told a London audience of security professionals, they can actually look at how hackers operate and apply some of the tactics they use to help improve security.

"I've spent a lot of time looking at these groups, looking at the new and ever more sophisticated attacks that they're developing, we have quite a lot to learn from these groups," said Hannigan, speaking at a security event hosted by Immersive Labs.

For cyber-criminal groups and underground communities on the dark web, speed is key to running a successful operation, especially when it comes to the use of zero-days and other advanced attacks where there can sometimes be just a short delay between their discovery, and software vendors being able to release security patches. 

"It's all about, can they get there quickly enough, hoover up enough cash to make it worthwhile before the security industry finally catch up with them. So agility and innovation and creativity are really key for them and what they prize above everything else," said Hannigan, who sits on Immersive Labs' advisory board.

While many businesses still look at university education and qualifications as an indicator of whether someone is suitable for a cyber security role, this doesn't apply on the Dark Web, here all individuals require to get involved in cybercrime is the skills to do the job; they don't need to produce the relevant paperwork to showcase what they can do.

"They've cracked the skills problem in their own way. They don't worry about qualifications, they don't ask for 2:1s in computer science or anything else for that matter," said Hannigan.

"They're interested in whether you can do a particular job and they can pull in those skills from around the internet in a classic criminal gig-economy sort of way. They're ahead of us on that".

The former GHCQ boss drew on an example seen on an underground forum where various dark web operators were discussing how to improve a form of ransomware.

"They're constantly thinking of new ways of doing it," he explained, and argued that security professionals should take the same approach in order to better protect systems and services from attackers.

"There's a challenge for us in industry to be a bit more agile, a bit more like cybercrime groups, although we do have to worry about the law, of course," he said.

ZDNet:

You Might Also Read:

Ex-GCHQ Boss: Nation State Cyber-Attacks Affect Everyone:

How Hackers Skipped Through BA’s Security

« AI Will Monitor 3D Printing
Japan’s Cyber Security Minister Admits He Just Doesn't Get It »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

eSentire

eSentire

eSentire is the authority in Managed Detection and Response Services, protecting the critical data and applications of organizations from known and unknown cyber threats.

CERT-SE

CERT-SE

CERT-SE is the national and governmental Computer Security Incident Response Team of Sweden.

Mixed Mode

Mixed Mode

Mixed Mode is a specialist in embedded and software engineering for applications including IoT and secure embedded systems.

High Sec Labs (HSL)

High Sec Labs (HSL)

High Sec Labs develops high-quality, cyber-defense solutions in the field of network and peripheral isolation.

Greenwave Systems

Greenwave Systems

Greenwave's AXON Platform enables IoT and M2M network service providers to address security, interoperability, flexibility and scalability from a single IoT platform.

Cyber Covered

Cyber Covered

Cyber Covered provide complete website & data cover with market leading cyber insurance and powerful compliance software in one affordable package.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

SuperCom

SuperCom

SuperCom are a global secure solutions integrator and technology provider for governments and other consumers facing organizations around the world.

Sontiq

Sontiq

Sontiq is committed to providing best-in-class, highly scalable, award-winning identity security solutions to consumers, businesses and government agencies.

WiebeTech

WiebeTech

WiebeTech’s line of digital forensics tools provide innovative and rugged devices for efficient disk imaging and evidence capture.

Techmentum

Techmentum

At Techmentum, our mission is to utilize technology to help companies succeed. Our expertise includes fully managed IT services, cybersecurity, cloud, and custom technology solutions.

Total Secure Technology

Total Secure Technology

Total Secure Technology provides trusted Managed IT Security and Managed IT Services for organizations looking to increase their cybersecurity defensive posture.

Brightworks Group

Brightworks Group

BrightWorks Group offer comprehensive technology operations and security operations consulting services, tailored to meet your specific needs.

Guardian Angel Cyber

Guardian Angel Cyber

Guardian Angel Cyber, is your trusted ally in safeguarding your digital assets and online presence.

OpenZiti

OpenZiti

OpenZiti is the world’s most used and widely integrated open source secure networking platform. OpenZiti provides both zero trust security and overlay networking as pure open source software.

CloudBees

CloudBees

CloudBees is building the world’s first end-to-end automated software delivery system, enabling companies to balance governance and developer freedom.