Learning From Hackers To Protect Against Attacks

To protect against cyber-attacks, defenders need to take a page out of the book of the criminals and become as agile and innovative as the groups they're trying to protect against, according to a former head of GCHQ.

While serving as director general of GCHQ from 2014 to 2017, Robert Hannigan was at the heart of protecting the UK from a variety of threats, including those posed by malicious hackers. 

And when it comes to cyber defence, he told a London audience of security professionals, they can actually look at how hackers operate and apply some of the tactics they use to help improve security.

"I've spent a lot of time looking at these groups, looking at the new and ever more sophisticated attacks that they're developing, we have quite a lot to learn from these groups," said Hannigan, speaking at a security event hosted by Immersive Labs.

For cyber-criminal groups and underground communities on the dark web, speed is key to running a successful operation, especially when it comes to the use of zero-days and other advanced attacks, where there can sometimes be just a short delay between their discovery and software vendors being able to release security patches.

"It's all about, can they get there quickly enough, hoover up enough cash to make it worthwhile before the security industry finally catch up with them. So agility and innovation and creativity are really key for them and what they prize above everything else," said Hannigan, who sits on Immersive Labs' advisory board.

While many businesses still look at university education and qualifications as an indicator of whether someone is suitable for a cyber security role, this doesn't apply on the dark web. There, all that individuals require to get involved in cybercrime is the skills to do the job; they don't need to produce the relevant paperwork to showcase what they can do.

"They've cracked the skills problem in their own way. They don't worry about qualifications, they don't ask for 2:1s in computer science or anything else for that matter," said Hannigan.

"They're interested in whether you can do a particular job and they can pull in those skills from around the internet in a classic criminal gig-economy sort of way. They're ahead of us on that".

The former GCHQ boss drew on an example seen on an underground forum where various dark web operators were discussing how to improve a form of ransomware.

"They're constantly thinking of new ways of doing it," he explained, and argued that security professionals should take the same approach in order to better protect systems and services from attackers.

"There's a challenge for us in industry to be a bit more agile, a bit more like cybercrime groups, although we do have to worry about the law, of course," he said.

ZDNet:
