Hackers win because they're better at sharing

Sharing is caring - and it's helping hackers outwit the security industry.

That's according to Matthew Rosenquist, security strategist at Intel, who told attendees of Comptel's Nexterday North conference in Helsinki that the industry needs to get better at cooperation.

"The bad guys are so good at [cooperation]," he said. "And the good guys, my peers, the security professionals around the world, we are so bad at this, though we're getting better."

Criminals share ideas, targets, code and best practices, Rosenquist said. "They will help another, sometimes for a fee, many times just because it's part of the community, just because they can and they want to. This gives them a distinct advantage, especially when you're sharing victim lists."

He pointed to lists of potential victims being shared online for any hacker to see, whether it's for spam, ransomware, or even specific infrastructure. "If you were ever in a position where you made a mistake and got something like ransomware... chances are whoever's running that campaign figured out who you were and are now sharing your name or IP address with their comrades, friends or business partners, because if they know you're an easy victim, then let's share that information."

And for those criminals who aren't willing to share without monetary compensation, it can all be sold on the "hacker economy", Rosenquist said, pointing to the growth of hacking-as-a-service.

"If you want to be an online criminal, you don't have to do any of that," he said of programming and coding. "You can hire out. Hacking as a service is available to you."

What's next

Rosenquist revealed growth areas for hackers, pointing to a rise in stolen certificates - "they're using our own trust systems against us, that's very smart" - as well as a rise in contextual social engineering, in which criminals aggregate data about you to make their phishing expeditions more successful. "If you received an email from somebody you don't know, you wouldn't click," he said. "But what if you received an email from your boss, coworker, trusted friend?"

Indeed, he predicted hackers would start using more "integrity attacks", which are "not about harvesting data or shutting down an environment, it's about discrete manipulation of transactions."

Rather than hack a bank to steal cash or a company to harvest data, criminals target a high-ranking individual or simply their email system, sending a message in the CEO's name to the accounts department requesting that a payment be made on a faked invoice.

Rosenquist advised companies to take the necessary precautions to avoid being an easy target, especially if they are a rich target; to have a security-savvy leader who can develop a plan and implement it; and to build security and trust into their business, products and services.

"Our world is changing for the better, with technology tying into everything that we do, and with that wonderful opportunity there's risk -- but we can manage it," he said.
