The four forces behind cyber-security collapse
Click below if you prefer to listen.
Season 2 Episode #1
Cyber-security is collapsing and here are the four forces which are causing this to happen.
Force #1: Mobility & Interconnection of things, data and devices
I guess this is the most prominent and profound change as since 2012 all devices and data have been interconnected through the internet. We call it the “internet of things” in technical terms but basically it has to do with this trend of mobility and interconnection.
Think about it. Everywhere you go there is Wi-Fi available and hotspots, your data do not live on a specific device anymore, it is on a cloud and synced through different devices so that you have uninterrupted access to it from everywhere, at any time and with no limitations or restrictions.
Well, that comes with a price. The price for a change that cannot be supported through the current infrastructure of security setup and at a price you are willing to pay. Everything comes with a price and the more mobility and interconnection you seek, the more you are opening yourself up to risk of cyber-attacks which grows exponentially.
Force #2: The Opening of hardware level Pandora Box attacks
For decades specific tools and attack methodologies were developed by government agencies in order to be able to capture criminals and promote their countries interests and for decades only those agencies were able to use them. Recently many of those tools and methodologies leaked onto the internet literally opening everyone up to a world of dangers which are undetectable. Why undetectable? Most of the population is familiar with software level attacks and those covered with an antivirus and a firewall yet now we live in the world of zero-days, backdoors and side-channel attacks which are samples of highly sophisticated level attacks. That is why I call it “opening of the hardware – level Pandora Box”. If you want examples of such attacks think about the most recent “meltdown” and “spectre” which made the headlines big-time about a year ago or the CIA’s Vault 7 Tool box and NSA’s EternalBlue exploit which was used surprise surprise to perform the well-known for everyone it terms of numbers of people affected and catastrophic results WannaCry ransomware attack and Petya cyber-attack. The last two years worldwide attacks clearly indicate that we are in the era of “hardware level Pandora Box attacks and there is currently nothing in the security industry arsenal to stop those.
Want a little help?
Force #3: An outdated infrastructure architecture
I have introduced you to another level of attacks which are undetectable, hardware level attacks. So, let’s talk more about hardware. Even though the software level and technology are moving at a really fast pace hardware architecture on the other hand has stayed stagnant.
I mean, yes for those who understand hardware you might say but after the year 2000 we were focusing on power consumption at the hardware level. Yes, we did yet, we never changed the processor’s architecture in terms of security. We are designing everything with a rusty 1985 processor architecture in which security was not a requirement simply because security back then was not a requirement. And it wasn’t because “force # 1” was just a dream of only the most visionaries.
Force #4: The Elite’s breakdown of ethics
Let’s face it. Our world is built on money, not ethics and solid values and we have the huge trend of the online marketplace taking over the traditional physical location businesses. A new world of opportunities has been opened for everyone to sell their products, services and skills if you wish; through the internet having the ability to reach literally everyone around the world. Well, like everything the use we make of any medium of improvement depends on who we are. So, it didn’t take long for a number of hackers with elite capabilities to capitalize this opportunity by developing and marketing through a non-easy to detect and control part of the internet plug and play tools for anyone to buy. As you know a big pool of clients means ability to sell at lower prices and in this case, we are talking about identity-theft at the cost of a coffee, stealing of business-related intellectual property in the cost of hundreds or thousands and human survival in the hands of terrorist groups and their ability to fund their physical attacks through ransomware. I call it the “Elite breakdown of ethics which has enabled an army of weaponized solders and mediums of destruction. These elite hackers managed to control and shape the world around us while making profit and remaining anonymous. They are the current movers and shakers of the reality we live in. You can think about them as the worldwide secret government in charge.
As for the solders; they are busy having fun by blocking people from accessing the internet on a coffee shop, or stocking a person for their sick reasons, or feeling cool by being a member of a botnet so that the real hacker will not get caught while destroying a target online or even stealing a few thousand dollars by ransomware. What they do not know though is that they are the toys of greater perpetrators and in a bigger scale their “innocent” small games are creating a supply chain of destruction of the planet. It would be really nice for everyone to grow up and know the impact of their actions even though I do not expect this to happen any time soon.
Let’s have a tweetable.
There you go. The four forces behind cyber-security collapse.
As always the best discussions happens after the episode so now it’s the time to share your views about the forces behind cyber-security collapse.
Apply what you learn immediately. Download “Master your protection” free quick start guide.
Prominent changes in the trajectory of the Cyber-security space Part 1 Click below if you prefer to listen. Free Quick start guide: Master your business Protection I am certain you have all noticed that there are some changes around us affecting the way the world is...
Security planning for 2019 part 3 Click below if you prefer to listen. Free Quick start guide: Master your business Protection This episode is the third and final part of a three-part series based on a study I conducted about how the security...
Security planning for 2019 part 2 Click below if you prefer to listen. Free Quick start guide: Master your business Protection This episode is the second part of a three-part series based on a study I conducted about how the security levels of...
and get the latest updates