Cybersecurity hacking the hackers

There are growing concerns and threats in the realm of cybersecurity that directly affect SMEs.  This market segment is increasingly under fire getting hit by hackers big time! SMEs do not allocate enough budget to cybersecurity or lack the specialized security task force to protect against cyber crime, unlike those large organizations that are much more cybersecurity-ready companies,  better off financially, and therefore much better protected.

Two out of five small and medium-size businesses have already fallen victim to some form of cyber crime. Extortion demands, phishing, spyware, ransomware, malware or impersonating the CEO of a company to steal confidential data…whatever the technique, it’s cyber crime galore given the incredible gain/effort ratio that gets so many people excited about how lucrative and easy this “business” can be.

However, despite the onslaught of headlines in the media or the warnings from fellow entrepreneurs who have already experienced an attack, many SME leaders fail to wrap their heads around the need to become cyber safe. The prevailing attitude is that a cyber attack “probably won’t happen to me.”

Many SMEs mistakenly believe that hackers only target systems owned by the “big boys.” In fact, many of the attacks on industry heavyweights that made the headlines were actually conducted by breaking into the systems of SMEs as an entry point. The hackers then wormed their way into the systems of the big players.

The vulnerability of these systems makes them prime targets for a large number of hackers who can easily do a lot of damage, even those that are not very skilled. The vast majority of cyberattacks are unpredictable and often hinge on random circumstances – such as the model of computer or the version of software we use. You can easily find sophisticated analytics tools on the dark web or in hacker forums. These tools can be used by literally anyone to quickly comb through the internet looking for signs of vulnerability and then targeting them with laser-like precision.

This is precisely what makes SMEs such an alluring target for hackers. They are easy to break into because they have little or no cyber protection at all, and are a direct access to the larger organizations they do business with. But SMEs are also ideal targets themselves with, as just mentioned, no problem to break into and very easy targets when it comes to paying a ransom demand as they are taken by surprise and feel helpless when under attack.

In a way, just like a ripe fruit on a branch ready to be picked!

A new paradigm shift: anticipating rather than reacting

In Cyber space, it is a constant battle to gain the upper hand just like a cat and mouse game. Hackers try to worm their way into hardware and software, while researchers go out of their way to find new ways to fix system loopholes and breaches or counter attacks. No matter how high an organization builds its walls, hackers always find a way in.

Part of the reason for this is that black-hat hackers, who typically work alone or sometimes collaborate informally, are more agile and quick than the people they target: these are corporate security task forces who operate in a reactive “monitor, detect, respond” mode. They often enough rely too much on sophisticated technologies to do the surveillance work that ends up taking way too much time before they detect the break in.

There are two different opposing logics here where one is always one step behind the other: on one end, hackers going after and trying to find all the system loopholes and vulnerabilities to do what they do best and researchers trying, on their end, to pinpoint and fix these loopholes. The latter are always being one step behind in this mad race against unpredictable, agile and often enough, incredibly efficient adversaries.

This situation therefore needs to be taken into account to work on promoting a more cybersecurity-ready mindset. Enough with running and chasing after hackers to fix the damage they cause. It now needs to be a whole different ball game where cyber protection means becoming an efficient surveillance and detection tool that can pick up the vulnerabilities of a system and hacker activity in real time i.e. taking action before cyberattacks do any serious damage. There are solutions that can do just that: online scanners that flag vulnerabilities of infrastructures, assessment tools to measure the cybersecurity maturity index of companies, raising cyber security awareness through campaigns, running penetration testing to check for exploitable vulnerabilities, and so on.

As with most subjects relating to security, the best defense generally consists in having offensive capability and a well thought out plan. It is the only way to stop falling victim to these attacks and taking the upper hand on cybersecurity. This will keep hackers at bay and send them off to easier targets to break into.

In a nutshell, it is all about going from being reactive to becoming proactive. Adopting this new paradigm shift is now urgent in order to break out of the victim mentality that has prevailed for a long time in this area: the best defense is a good offense.

Once we come to terms with the idea that our systems have probably been or will probably be targeted, we can then begin to take proactive measures that break away from the conventional way of thinking and embrace this new paradigm shift. Accepting this new risk environment is a crucial step in ensuring that all of us understand what our “new normal” is with these new and advanced threats. Coming to this conclusion does not mean admitting failure but rather acknowledging the extent of the changes in the world we live in.

Thinking like a hacker

It is clear that the traditional approaches to cyber security have become increasingly ineffective, as hackers have continued and continue to hone their skills every chance they get. When an attack happens (and it usually happens before we realize it), it is already far too late to start taking the security of our businesses and institutions seriously, no matter how big or small the organization. This brings new meaning to what cybersecurity/cybercrime is all about.

In this global cybersecurity paradigm shift, it is important to grasp the modus operandi of the hackers themselves, to learn from the way they think and operate in order to be able to ensure the security of IT infrastructures and the resilience of a business.

And going further, understanding the way hackers think and their logic is very important. In any strategy, understanding an opponent’s strategy is the name of the game. And because a hacker’s strategy, it must be said, is very efficient, then we have to use it against them and give them a taste of their own medicine. Just like in Aikido where we take control of the opponent’s own strength and use it to throw them down or toss them aside, we need to do the same with hackers. From now on, we have to think and behave (the way he operates) like a hacker but with a constructive and well-meaning mindset. This is the philosophy of what are known as ethical hackers or “white-hat hackers,” who exploit computer systems or networks to flag security flaws so they can make recommendations for improvement.

So yes, when hackers are being hacked, it is indeed a great step forward for cybersecurity.