They were patient. That’s how one security company executive — who monitors the guestbook-like log data of his clients — described attackers eyeing up one of his customer's network backups. The criminals were quickly booted. But they were, the executive said, clearly hatching a bigger scheme. His best guess: seeding false data.
Despite recent headlines, the future of cybercrime has little to do with increasingly popular strains of malware — think ransomware. Soon, criminal hackers hell-bent on disrupting a business might work hard to undermine the confidence customers have in, say, your bank. They could accomplish such a task by slightly changing company information.
That means bank customers might end up not being able to complete an ATM transaction because of a modified four-digit PIN. That’s not bombast. Such prognostication isn’t far off in a world increasingly dominated by reports of NSA-leaked exploits and big-box breaches.
Last week, I attended both Black Hat, a conference showcasing tools meant to protect networks, and DefCon, where hackers display research on how to break those same defenses. At the former, I met with security companies that help banks manage threat intelligence feeds, fight fraud, and practice good cybersecurity hygiene, among other vital functions. At the latter, researchers demonstrated exotic — and mostly impractical — techniques to cryptographically forge files, potentially allowing attackers to upload malicious updates; bypass the security protections of card readers; and 'weaponize' machine learning. All with the goal of helping ordinary firms improve their security posture.
It’s an annual illustration of the vast walls security teams must erect, while outsiders try to chip away at the smallest holes to potentially expose company secrets. We’ll leave the discussion of risk, and how banks prioritize patching software weaknesses, for another post.