Safeguarding against next-gen cyber risks
>
The idea that cybersecurity is ever-changing is widely understood, but it’s important to define what exactly this means. The scale and impact of cybercrime has increased dramatically over time. Particularly over the past decade, the rise of ransomware has made cybersecurity a major topic of conversation at the highest levels and in the boardroom.
So what has changed? For starters, the cybercrime industry has undergone a radical transformation into a more professional and industrialized enterprise, with well-established supply chains and markets. Alex Holland, senior malware analyst at HP, explains Tech Radar Pro that far from the stereotype of “hackers in hoodies”, cybercrime is now really “big business”. Indeed, according to research by HPthe dark web fuels the way cybercriminals collaborate, trade, support each other’s attacks and also monetize attacks.
One of the immediate threats in this changing landscape, as far as companies are concerned, has been managing their workforce during the pandemic and in the wake of the rise of hybrid work. “That has created a lot of challenges for enterprises as they have to configure their devices remotely, they have to defend their devices remotely, and we know that endpoint visibility – in terms of security and threat detection – has always been a challenge for the company,” explains Holland. “Companies also need to be able to defend against and recover from these attacks, should the worst happen.”
This blurring of the lines between an employee’s private and professional life also poses a major risk for companies. Research HP published last May revealed that 71% of employees say they are more likely to access more company data from home. At the same time, more and more office workers are using their work devices for personal tasks – 70% admit to using work devices for personal tasks, such as checking emails.
“We believe that using work devices, especially for tasks such as accessing webmail, is very dangerous. Email is the most important vector,” he continues. “We consistently see that from the data we analyze in my team, and email is essentially a direct route to the enterprise. Once you’ve compromised an endpoint, attackers can spread sideways and really do a lot of damage.”
Meanwhile, ransomware continues to be a thorn in the side of businesses around the world. However, identifying how ransomware evolves can aid defense efforts. The threat has moved from an opportunistic form of cyberattack, say, a decade ago, to one that is calculated, well-considered, and multi-element. For example, Holland explains that operators don’t focus on encrypting a single device, but an entire fleet of devices. However, to achieve these complex goals, hackers specializing in different areas are starting to collaborate with each other.
“Every burglary needs an access point, for example,” says Holland. “Unauthorized access is very important and very valuable in the cybercrime ecosystem. So what we find on these dark web marketplaces [is] you have threat actors that specialize in selling unauthorized web access or initial access.
Holland says HP wants to counter these threats by building security into the hardware — which is complemented by the Endpoint Security Controller hardware chip. This secure-by-design approach is based on a solid foundation and verifying the integrity of a system. The manufacturer supports a range of security features ranging from firmware protection to detecting malware running in memory to isolating risky activities. The other side of the equation is configuring devices before they are shipped to employees, with HP offering services to provide a company’s desired security configuration right off the production line.
“We’ve been working on securely designed hardware for over 20 years, and one of our main focuses has been resilience,” says Holland, with HP’s approach combining attack prevention, malware and other threat detection, and remediation.
“It’s very easy to be a doomsayer and talk about how bad cybersecurity and cybercrime are,” he continues. “I think there is hope to reduce cybercrime, but that will require a partnership between Intel and HP. [and] it requires government intervention.
“We need to make more of an effort for attackers to successfully compromise networks – and we have the available technologies to do that. We also need to reduce the rewards that compromise these networks; that they have no access to the crown jewels.”
Watch the video above to hear our full conversation with HP’s Alex Holland and learn more about what tools and techniques companies can use to mitigate the threats of the evolving cybercrime landscape