RSA 2017: Why exactly are the cyber criminals currently coming out on top? Here are five reasons…
One thing that has been made abundantly clear at this week’s RSA Conference 2017 in San Francisco is that fighting and defending against cyber crime is more difficult than ever before.
Hackers and cyber criminals have an increasingly-large array of sophisticated weapons at their disposal, while complex government and business ecosystems make defensive cooperation and coordination difficult to achieve.
Michael McCaul, Chairman of the House Committee on Homeland Security, put it bluntly during his keynote speech when he said: “We are in the fight of our digital lives and we are not winning. Our cyber rivals are overtaking our defences.”
“Nation states are using cyber tools to steal our country’s secrets and copy our intellectual property. Faceless hackers are snatching our financial data and locking down access to our healthcare information. And terrorists are abusing encryption and social media to crowdsource the murder of innocent people.”
So, why exactly are the cyber criminals currently coming out on top? McCaul identified five reasons.
Simply put, the first problem is that there are so many different types of cyber threat out there that it has left governments and businesses fighting an uphill battle to keep pace.
Networks have become more complicated, more data is being created than ever before and employees are now able to work from wherever they choose. At the same time, one vulnerability or one mistake can let the hackers in.
“The digital frontier is a lot like the wild west,” McCaul said. “There are more cyber outlaws than cyber sheriffs to round them up. A lot of hackers out there should be behind bars, but law enforcement agencies at all levels are struggling to keep up with the volume and complexity of network intrusions.”
The second issue, somewhat related to scale, is one of speed. The development of technology is moving at a phenomenal rate, which again gives the bad guys the upper hand.
“The high speed of tech gives cyber criminals the advantage. History shows us that offensive weapons always outpace our defences, we have faced this challenge with every man made weapon since the stone age. Yet we’ve never seen a weapon used against us so regularly, so aggressively and a weapon that can adapt while we are trying to defend against it. And it’s expensive to keep up,” explained McCaul.
“Today in some cases, the United States government is fighting 21st century threats, with 20th century technology in a 19th century bureaucracy.”
This last point brought a chuckle from the audience, but illustrates the true nature of the problems faced by governments around the world.
Read More: Smart Home Attacks And Data Weaponisation
3. Lack of information sharing
This was a common theme throughout RSA 2017 and a notion that continues to divide opinion. Organisations have a huge amount of data at their disposal, but the effective sharing and coordination of this data have so far proved elusive.
“There are serious information sharing challenges. I compare this to the period before 9/11. We all had the information we needed to keep terrorists from attacking on that fateful day, but we did not connect the dots. The walls were up but we didn’t share the information,” noted McCaul.
“We are in the same place with cyber. Between companies, government agencies and US allies, we have the threat data to stop many of these intrusions, yet the sharing is still far too weak. As a result, the vast majority of cyber attacks go unreported, leaving others vulnerable to the same intrusions.”
McCaul joined Microsoft President Brad Smith and Intel Security’s senior VP and general manager Christopher Young in calling for businesses to “step up to the plate” and work together, but until that happens the issue of data sharing will continue to be a prevalent one.
Continue to page 2 for more reasons why we’re losing the cyber battle…