Digital Pirates

Many of you will remember long summer days with the streets filled with laughing children congregating to play football or just 'hang out' with their friends - I certainly remember a neighbour or two chasing us down the street for being too noisy.

Today, far too many roads are silent as our children stay indoors and virtually gather online to 'play'. Of course, many would argue that's progress, but it's just one example of our shift to a digital world.

Another example is our oceans. They were once a dangerous place, with bands of pirates sailing the seas looking for vulnerable vessels to board and plunder. Today, modern-day bandits have swapped the seas for the internet, which they surf looking for victims to pillage. While our children play in virtual worlds, cyber criminals parley virtually, working together to develop their digital weapons.

With more computers worldwide, especially in economies where even "light" cybercrime (such as farming gold for World of Warcraft) is a welcome alternative to spending 12+ hours a day in a factory, what is the truth about cybercrime?

Safe Seas

I often get asked whether one country is considered a greater, or lesser, target than another. Unfortunately, cyber security cannot be encased in typical physical or political boundaries - such as countries, companies or even social groups. While it's fair to say that the resilience to attacks, awareness of exposure and certain political/economic factors might have an effect on a company's security exposure, they certainly wouldn't make it completely immune.

Permission to Come Aboard

While it is true that everyone is at risk of a cyber-attack, governments, major corporations and companies with valuable IP are far more likely to be targeted by computer related attacks than companies without obvious valuable digital assets.

That said, while criminals will unleash malware to worm its way into an intended victim, most worms don't make a distinction between one organisation - or industry sector - and another. For this reason, while an attack may initially be targeted at a particular government or sector, there is no reason why the worm would stop there.

Pirate Law

Legislation, to some extent, will have an effect on an organisation's exposure to computer-based threats. Statistically, countries which have stronger laws against misuse of computer systems by employees tend to be in better shape than those where there are none. That said, it doesn't stop a lawless society launching an attack against organisations where regulation is tight.

Similarly, if the headlines are to be believed, powerful leaders such as President Barack Obama are not averse to playing dirty either.

Rough Waters

All forms of crime tend to increase in a recession, so it's natural that instances of cybercrime would increase too. Cybercriminals have definitely become more active in recent years; however, there are also more laws regarding cybercrimes, which inevitably creates more criminals.

Today, we face an arms race and what is obvious is that both sides are becoming more sophisticated. The good news is that detection mechanisms are also becoming more sophisticated, and awareness is also rising. However, I'd also warn that committing cybercrimes is becoming much easier.

Where you once had to physically rob a bank at gunpoint or infiltrate a high security environment, which required a lot of physical skill and expensive equipment (see Sneakers or War Games for "take-it-with-more-than-one-grain-of-salt" references), nowadays a lot of money can be made from the safety of your own home or a random cybercafe.

Here are five simple steps business owners can take to ensure they don't become a victim of cyber crime:

  1. Take security seriously. Don't assume you won't get hit because you have nothing of value to attackers. Even if it's just to use your computers in order to stage larger attacks, everything is interesting for criminals.
  2. Try to keep up with patches. In my humble opinion, this is the single most important thing to do in order to increase security.
  3. Don't start thinking about computer security after it's too late. Get your personnel trained, increase their skills, and raise awareness of security at a company level.
  4. Get help from outsiders. Most companies cannot afford a huge full-time team, but having someone from the outside come in every once in a while and assist can make a huge difference. As a personal recommendation, I'd say more isn't always better. Smaller agencies often care about what they do and a 10-page text report about your problems is more valuable than a 500-page report with a big name at the top.
  5. Don't overdo it. Computer security companies will talk about the coming apocalypse to sell you their products, but it isn't as bad as it seems. Common practices, patching, common sense, some external help and continuous effort will help you raise your 'difficulty level' enough for most attackers to search for an easier target.

I believe that a robust security solution needn't cost a fortune. Open source and open source-based security products, combined with good old fashioned collaboration, are great alternatives.

At the end of the day, if a cyber criminal really wants to get in, he will launch an attack at your organisation. Your best bet is to detect and stop him, rather than trying to prevent all types of attacks.

Dominique Karg