Cybercrime and cybersecurity do have rules.
You might have read a few articles about cybercrime, heard some stories or have already been a victim. Over the last few months I read a lot about cybercrime and even went to several security symposiums. Now it is obvious to me that cybercrime is no longer a show-off game for a smart whizkid. It has become a serious business game for criminals, terrorists and government intelligence services, who are constantly attacking us at home and at our companies whenever we or our smart devices are online on the internet. What worried me was that a firewall, an antivirus application and internet hygiene are not enough to protect me against the brutal phishing attacks, the ransom of my data and spying through my webcam. No, now I know that we are all a part of the cybercrime network and have to participate in the cybersecurity war. Join it or prefer to ignore it, the cybercrime game is on, 24x7. I would rather call it a game instead of a war.
Every game is played by rules. But how can you play a game with others who don’t play by the rules, like cybercriminals? Well, if you don’t want to become a criminal as well, keep playing by a set of rules to protect your private and company network and data against cybercriminals.
Cybercrime, like traditional crime, is about assets and access, except that it is digital and electronic. An access attack is the abuse of an existing entrance and exit, or the creation of a new way in and out, to steal, hijack or destroy assets. A digital access attack can be covert and hidden, or it can be done by brute force. No one can protect access and assets 100% against criminals by prevention alone. Keep this always in mind when you want to protect and keep your assets, and play the cybersecurity game by these 5 rules:
1. Locate vulnerable access and valuable assets. (It’s a LOT of WORK)
2. Protect the assets by hiding them and hardening the access. (Use TOOLS and RULES)
3. Monitor, detect and analyze the attacks on access and assets. (Always be aware of THREATS and REPORT on them)
4. React immediately to the attack and try to minimize the impact and damage. (Have a PLAN A and a PLAN B)
5. Learn from threats and attacks to protect your assets better. (Become a MASTER)
After you have read these rules you will easily understand that a cybercriminal uses the same set of rules. Will fighting cybercrime always be a rat race? Probably yes, despite catching a few of these rats and trying to be smarter than your opponent. If you know how valuable your assets are to a criminal, you also know how much you might have to, and want to, invest to protect them. On the other hand, the criminal knows how much to invest to get them.
If cybercrime, like every other game, is about the difference between gain and loss, you want to know what your chances are. Besides playing a game by the rules and investing time and money to reach the highest level, it matters how much risk every player is willing to take in winning or losing. How much risk are you willing to take against cybercrime, and how will you reduce the chance and the impact? You can reduce or minimize the risk in a great variety of ways, for example by staying offline, giving away all your assets, putting them in a fortress, hiring somebody else to protect them or simply insuring your assets. Everybody knows that none of these measures are always possible or realistic, and they can make you paranoid. When you or your company becomes a victim of cybercrime, did you have bad luck, or did the cybercriminal play the game smarter? A lot of people think that all games are about luck. They are not: only a game of chance is about luck; all other games are about skills and tactics. So, accept your cyber loss and try to learn something from it.
Most of the time it is only information that they took from you to gain some money. It is still not very likely that a cybercriminal wants to take your life. A cyberterrorist could try this, or try to create a maximum of damage and chaos. This is a totally different threat, because your life or your company is at stake, but the 5 rules are still valid and you might have to add an escape or survival plan. Most cybercriminals will also take these extra precautions. A modern terrorist won’t.
So stay calm and play the cybersecurity game by the rules, and there will be a good chance that you will survive and sleep every night without bad cyber dreams. The cybercriminal has no fear, because his bed is most likely on the other side of the world.
October 2016, Geert Fabriek
About the author: I’m a senior ICT project manager and ICT consultant. Most of the projects that I manage and the advice I give are based on ICT infrastructure and telecommunication solutions. It intrigues me how people and machines communicate through digital networks anytime, anywhere and with anyone.
Service Owner - IT Security at Dienst Uitvoering Onderwijs (Ministerie van OCW)
Geert, nice article. As an ethical hacker it is great to see that people other than IT security specialists take notice of the world of cybersecurity. This will become part of all our jobs. With security specialists and asset custodians we discuss this a lot. There is a lot to say and learn about it. There are different ways we might translate 'rules' here. I would say a methodology to reach your goals as efficiently as possible and, on the other hand, a methodology to defend as efficiently as possible. Most of these are surrounded by risk management frameworks today. The rules of attack and defense are different, but both must learn from each other. I would like to discuss this with you when we meet again :-). One thing I would like to add right now is to assess the countermeasures that an organization has taken. A pentester or ethical hacker can attack your valuable assets in a controlled way. Based on the result you can determine whether your defense rules are working or need some adjustment. This might fit in your last rule.