Learning From Hackers To Protect Against Attacks

To protect against cyber-attacks, defenders need to take a page out of the book of the criminals and become as agile and innovative as the groups they're trying to protect against, according to a former head of GCHQ.

While serving as director general of GCHQ from 2014 to 2017, Robert Hannigan was at the heart of protecting the UK from a variety of threats, including those posed by malicious hackers. 

And when it comes to cyber defence, he told a London audience of security professionals, they can actually look at how hackers operate and apply some of the tactics they use to help improve security.

"I've spent a lot of time looking at these groups, looking at the new and ever more sophisticated attacks that they're developing, we have quite a lot to learn from these groups," said Hannigan, speaking at a security event hosted by Immersive Labs.

For cyber-criminal groups and underground communities on the dark web, speed is key to running a successful operation, especially when it comes to the use of zero-days and other advanced attacks where there can sometimes be just a short delay between their discovery, and software vendors being able to release security patches. 

"It's all about, can they get there quickly enough, hoover up enough cash to make it worthwhile before the security industry finally catch up with them. So agility and innovation and creativity are really key for them and what they prize above everything else," said Hannigan, who sits on Immersive Labs' advisory board.

While many businesses still look at university education and qualifications as an indicator of whether someone is suitable for a cyber security role, this doesn't apply on the Dark Web, here all individuals require to get involved in cybercrime is the skills to do the job; they don't need to produce the relevant paperwork to showcase what they can do.

"They've cracked the skills problem in their own way. They don't worry about qualifications, they don't ask for 2:1s in computer science or anything else for that matter," said Hannigan.

"They're interested in whether you can do a particular job and they can pull in those skills from around the internet in a classic criminal gig-economy sort of way. They're ahead of us on that".

The former GHCQ boss drew on an example seen on an underground forum where various dark web operators were discussing how to improve a form of ransomware.

"They're constantly thinking of new ways of doing it," he explained, and argued that security professionals should take the same approach in order to better protect systems and services from attackers.

"There's a challenge for us in industry to be a bit more agile, a bit more like cybercrime groups, although we do have to worry about the law, of course," he said.

ZDNet:

You Might Also Read:

Ex-GCHQ Boss: Nation State Cyber-Attacks Affect Everyone:

How Hackers Skipped Through BA’s Security

« AI Will Monitor 3D Printing
Japan’s Cyber Security Minister Admits He Just Doesn't Get It »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

Aves Netsec

Aves Netsec

Aves is a deceptive security system for enterprises who want to capture, observe and mitigate bad actors in their internal network.

Boldon James

Boldon James

Boldon James are market leaders in data classification and secure messaging software.

Aujas Cybersecurity

Aujas Cybersecurity

Aujas has deep expertise and capabilities in Identity and Access Management, Risk Advisory, Security Verification, Security Engineering, & Managed Detection and Response services.

LMG Security

LMG Security

LMG Security is a cybersecurity consulting, research and training firm.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

AutoRABIT

AutoRABIT

AutoRABIT provides DevSecOps tools built specifically for Salesforce developers to increase release velocity, produce consistently high-quality code, and enhance data security.

Kiteworks

Kiteworks

Kiteworks (formerly Accellion) creates a dedicated Private Content Network that ensures zero-trust private content protection and compliance.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

Helix Security Services

Helix Security Services

Helix Security provides IT & information security consultancy to government and businesses across New Zealand.

Emantra

Emantra

Emantra specialises in the enablement of Secure Cloud services through it’s comprehensive Sovereign Cloud Hosting, Secure Access Service Edge, and managed services.

CliffGuard Cybersecurity

CliffGuard Cybersecurity

CliffGuard Cybersecurity deliver comprehensive services designed to protect your organization from the ever-evolving landscape of cyber threats.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.

SECQAI

SECQAI

At SECQAI we create dual-use hardware and software to enable the future of computing.