
INTERVIEW: SolarWinds MSP security VP lays industry bare

03 Apr 18

Cybercrime is a business, and the rising number and severity of attacks are not a result of criminals getting smarter and more skilled – a lot of businesses are just maintaining poor ‘cyber hygiene’.

That’s the opinion of SolarWinds MSP VP of security Tim Brown, who has over 20 years of experience in cybersecurity including roles at Dell, Symantec and CA Technologies.

“The threat landscape is always changing and that’s the constant we have. Since it’s a business, people are always looking for new methods to infiltrate systems and gain controls. When considering whether it’s better or worse, we see some signs that it could be becoming a little less benign and less angry, but still extremely active,” says Brown.

“Take crypto mining; this has evolved because the bad guys don’t necessarily want to be so bad—it’s easier to not inflict harm. They see crypto mining as an alternative as long as they’re getting their pay-out. One positive is that our ability to be able to stop threats is getting stronger, and we have an increased level of awareness (due in part to the media) that enables us to implement faster and smarter detection and response plans.”

Brown says when you look at cybercriminals, there is organised crime and then there is the unorganised group that are just looking for a quick dollar.

“The criminal marketplace is pretty segmented. Some people are in place to create a botnet, some to discover a botnet, and some are using that to do a DDoS attack. The main avenue of attack is still the basic one—bad cyber-hygiene—and criminals are always searching for weak points,” says Brown.

“They will do a broad scan and look for systems that are vulnerable and then move sideways to attack. It can be broad-based or specialised, like we see in certain verticals. Take education for example with pre-credit youth data. Every type of data has a value on the dark net.”

Brown says while there are some cases where cybercriminals have become smarter and more skilled, the majority of attacks are still a result of poor hygiene.

“So when you look at organisations who do well on their hygiene, and you look at others who don’t, you can see a spike in attacks. It’s one of the reasons we are seeing a shift to the bad guys targeting more and more small-medium sized businesses who don’t necessarily have the same levels of sophistication or resources to protect themselves as larger organisations do,” says Brown.

“The cybercriminals use them as an entry point to get to the bigger organisations. That’s what we saw with the Target attack and the HVAC vendor that ‘let them in’ unknowingly. This is becoming a bigger and bigger problem for SMBs, which is why outsourced security services make a lot of sense for them.”

Brown says increasingly service people around the world are being trained to have cyber skills because there is no question that cyber is one of the largest battlefields of the future.

“The thing about most nation states is that they’re playing by rules they’ve played by for a long time; they’re just changing the attack method,” says Brown.

“But what they want to achieve is the same as it’s always been such as competitive intelligence gathering, governmental and political influencing, compromising assets such as critical infrastructure, election tampering, etc. It’s not that it’s so different now; they just have different tools to play with, and those tools happen to be cyber.”

SolarWinds MSP recently conducted a survey that analysed more than 200 UK and US IT security leaders on their awareness of and ability to defend against major cyberattacks.

“Looking at attacks like WannaCry, Petya, and the Vault 7 leaks, we found that a majority of businesses across all sizes don’t have the right resources to be able to overcome these types of threats. According to the survey, there is a continued increase in IT skills shortages which plays a large factor,” says Brown.

“In addition, less than half of respondents believe their organisations’ enabling security technologies and budget are sufficient to prevent, detect, and contain risk. Taken together, these findings support earlier results that show a low rating by security leaders about their organisation’s ability to curtail cyberthreats, such as ransomware or Vault 7-type attacks.”

As for which type of attack businesses need to be more aware of, Brown says that while vertical and geography may play a role, it comes down to one thing.

“The bigger and more important factor is, what is the organisation’s crown jewels? In other words, what are they worth to the bad guys and how can the bad guys use them to infiltrate theirs and other connected systems? Our recent cyberthreat survey interestingly showed that about 30 percent across the board don’t feel these factors are that critical. And to a large degree, they’re right,” says Brown.

“An organisation needs to be sure it has a good incident response plan in place that gives it the ability to act swiftly across people, process, and technology, to lessen the probability of an attack and its impact, if one occurs.”
