Dark Clouds On The Horizon: The Rise Of Sophisticated Cybercrime

Sophisticated Cybercrime

The story reads as if it were pulled from the pages of a Tom Clancy novel: a collection of US banks suddenly starts receiving Distributed Denial of Service (DDoS) attacks that are carefully timed to re-strike just as their systems start to repair themselves. The attacks are carried out by waves of botnet zombies pouring from infected servers across the world and aimed at the United States. The main source of the outbreak is an innocent general interest website based in the UK that has been poisoned by a web design company out of Turkey. The alleged perpetrators of the attack: a shady extremist group based in the Middle East.

This, however, is not fiction. It happened in January 2013 and exists now as one of the case studies/success stories of Incapsula, (www.incapsula.com) a cloud-based website security company based in Redwood Shores, a short drive from San Francisco.

As computing technology has grown in sophistication and power over the years, so has the criminal element that seeks to exploit it. Individual interest groups, religious factions, even entire countries are at work seeking any and every weakness available inside lines of code, forms, executable files and any other seemingly innocuous paths that can lead eventually to disruption, destruction, theft and chaos.

In this case, the computers and the experts at Incapsula were able to detect and thwart the attack before any major damage occurred, but as Incapsula security analyst Ronen Atias writes in his account of the event, “this is just another demonstration of how security [on] the internet is always determined by the weakest link.” He points out that the simple mismanagement of an administrative password on the UK website was quickly exploited by the botnet shepherds in Turkey. “This is a good example,” he says, “of how we are all just a part of a shared ecosystem where website security should be a shared goal and a shared responsibility.”

GurIncapsula CEO Gur Shatz agrees. As a veteran security specialist and former captain in the Intelligence Corps of the Israeli Air Force, he has seen it all, and he sees the problem as growing in sophistication.

The reason for the rise in Advanced Persistent Threats (APTs) is less about who the perpetrators are, and more about risk versus reward,” he says. “The inadequacies of today’s defenses, juxtaposed with the ever-rising value of the information that can be stolen, represent a huge opportunity for cybercriminals. Personal or corporate devices are a tremendous intelligence source, carrying richer and more accurate data than ever before, but protections on these devices still mostly rely on outdated technologies such as passwords.

The interconnectedness of cloud technology presents both a good news and bad news scenario when it comes to the criminal element, Shatz says. The bad news is that the interconnected nature of the cloud has increased the exposure of an organization’s infrastructure. The good news, though, is that the cloud is a much less heterogeneous environment than the jungle of personal devices (smartphones, laptops, etc.), which means that the cloud-based production environment can be made more secure much more easily than corporate networks, which is where Incapsula comes in.

Shatz points out that in general, hackers are lazy and will almost always take the easiest path to infiltrate their target. The fact that an alarmingly large number of incidents involve simple password theft indicates that this is still a major issue. However, targeted attacks on more security-conscious companies certainly require more sophisticated tools, which are readily available to cybercriminals.

When assessing a company’ risk for exposure to APTs, is common for some to take a head-in-the-sand approach, thinking, for example, “I’m not a bank, I make farm equipment, so I do not have to worry.” But Shatz points out a company without any major secrets or critical online functionality is still subject to being used as a “mule” to conduct cybercrime, as with the “Tom Clancy”  scenario mentioned earlier. “Even small online businesses such as ecommerce sites, are vulnerable,” he says, “because downtime or slowness costs them both money and reputation damage. This makes them target to DDoS extortion (which is essentially the online version of the protection racket for physical stores).” Incapsula has seen several instances of this type of attack over the past six months.

Ultimately, Shatz says, shying away from the cloud rather than risking attacks of this sort is not an option, since even if you don’t go online, your competitors will. So it’s really a question of how secure your cloud environment and web applications actually are. Various types of solutions are available from companies like Incapsula and others. But avoiding the cloud, which is equivalent to putting your head in the sand and keeping it there, is not a solution.

By Steve Prentice

Data Bed.png
Data Fallout.png
Answer To Everything.png
Recovery Experts.png
Dmitry Chekalin
How Much Should a Modern Website Cost? A website is a valuable instrument for growing your business. Your website presents your brand to users. Also, it compels your prospects to become your customers. So, how ...
Rakesh Soni
Customer Experience: Living In A Connected World and Winning the IoT Race IoT and smart interconnected systems have already created an invisible aura of convenience, usability, and a rich user experience around us. However, when ...
The all-new Stellar Repair for MS SQL – an Efficient Tool to Fix SQL Database Corruption
Efficient Tool to Fix SQL Database Corruption SQL database corruption is not uncommon. There are many reasons for SQL database corruption, such as virus infection, bugs in the SQL Server, errors during updates, abrupt system ...
Rajesh Khanna
Implement Hyperautomation to Scale Automation Programs by 3X Most Digital Service Providers (DSPs) struggle to accelerate their path to Hyperautomation due to the complex processes with legacy systems and applications. Although Robotic Process Automation (RPA) plays a ...
Alex Vakulov
Ransomware Database Targeting The scourge of ransomware is undoubtedly the most severe cyber security concern for home users and organizations these days. It revolves around taking important data hostage and demanding money, usually hard-to-trace cryptocurrency ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.