Staying Left of Boom

Earlier this month, the founder of the infamous hacking group LulzSec issued a stern warning to the US.  If 2020 was coined The Year of the Digital Pandemic, then 2021 has still not discovered any digital vaccines.  Cyber-attacks have grown rapidly over the past year and are showing no indications of slowing down.  One ‘former’ Black Hat hacker expressed his growing concern at the lack of preparedness the United States has shown.

The US government has been attacked by several world superpowers during the 2020 pandemic.  The only difference is that these days, the attacks are taking place in the digital realm.  The SolarWinds hack proved that government agencies could be vulnerable in places they never considered.  The Microsoft Exchange hack proved that hackers are pushing new limits in terms of the scope of attacks.  And the hack of the Metropolitan Police Department of Washington DC showed that cybercriminals have grown bolder than ever: 'Boom.' [1]

Staying ‘Left of Boom’ is a cyber security strategy for building a resilient cyber defense that can protect an organization no matter how much the cyber threat landscape changes around that business or industry.  The ‘Cyber Kill Chain,’ which never dies and is in fact growing, is ever present in our cyber world.  The Cyber Kill Chain was designed by US company Lockheed Martin, and it succinctly breaks down the entire life cycle of a cyber-attack into 7 steps.  The main advantage of breaking the lifecycle into distinct, identifiable steps is that it helps put commensurate controls in place to mitigate a cyber-attack proactively in its emerging stages, sparing an organization the pains and losses of suffering an attack in the first place. [2]

This former co-founder of LulzSec issued a grim warning to the US that the digital threats are just getting started.  The former black hat said, “We’re going to continue to see these attacks; this happens every day.  And it’s going to get worse and worse, it will be exponential.”  He said we (the US) do not “have enough people to deal with the threats,” and we lack law enforcement that’s actually trained to handle cyber threats.  This hacker acknowledged that federal contractors and agencies like the Cybersecurity and Infrastructure Security Agency (CISA) have improved over time.  But he also noted that “we need more help, that’s for sure.”  A big reason is that common hacker tools, like the common variations of ransomware, are easy to use at any skill level.  These tools can be utilized by anyone from entry-level hackers (commonly called script-kiddies) to very sophisticated state-sponsored hackers (Advanced Persistent Threat, or APT, actors).

“It’s Not Just the Government.”  Small to mid-size businesses have also been miserably slow to react to the changing landscape.  And that landscape has been changing rapidly.  Small businesses saw a 424% increase in cyberattacks last year, and yet 60% of them still think they are unlikely to be attacked.  That is likely why one-third of small businesses report using free, consumer-grade cybersecurity software.

This Is How Easy It Is to Get Hacked | VICE on HBO: https://youtu.be/G2_5rPbUDNA

As cybercriminals continue to gain power and confidence, businesses are failing to meet the moment.  That is a decision that many business owners will come to regret as 60% of companies go out of business within six months of a security breach.

So, what’s being done?  The US is taking some steps to improve its cybersecurity.  In mid-June, US authorities confirmed a new US national cyber director.  The former NSA deputy director will manage the US’ cyber defense strategy.  He has a daunting task. 

About a month ago, the hacker group REvil executed what some call the “single biggest ransomware attack” in history.  The global attack affected the UK, US, South Africa, Kenya, Canada, Argentina, New Zealand, Mexico, and more.  One of Sweden’s largest grocery store chains, Coop, was forced to close many of its 800 stores for over three days.  In the first six months of 2021, health care data breaches jumped by 27% to 343 compared with the same period last year, according to a recent report.  Many providers have already been the victim of a ransomware attack in 2021.

What Can You Do to Protect Against Hackers?  The government cannot protect everyone against cybercrime.  Governments are still trying to figure out how to best protect themselves.  The good news is that there are some basic steps that we can all take to protect ourselves and our businesses.

Below are some basic steps each business owner, or individual, should consider for optimal protection:

  • Require long, varied passwords for any sensitive accounts and change them often
  • Enable two-factor authentication for any sensitive accounts
  • Very important - invest in basic cybersecurity training so employees can avoid common pitfalls such as social engineering
  • Install and regularly update anti-virus software
  • Apply security patches when urged to do so
  • Limit employees’ access to sensitive data; segment the network
  • Conduct regular vulnerability tests and risk assessments

[Figure: Cyber Kill Chain]

Having solid cyber defenses is essential, but not enough.  What is also needed is a cyber security strategy to get ahead of the cyber-attack curve: staying safe along the Cyber Kill Chain and staying “Left of Boom.”  Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization and can help with all of the above basic recommendations and offer proactive cyber intelligence to help prevent cyber-attacks.  For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

[1] https://hacked.com/former-hacker-u-s-is-not-prepared/

[2] https://medcitynews.com/2021/07/how-the-military-derived-cyber-kill-chain-model-can-help-health-systems-fight-cybercrime/
