Nicola Whiting, Chief Operating Officer, Titania explains why organisations are turning to automated cyber security to win the fight against cyber-criminals and state-sponsored hackers
Anyone searching Google for ‘automated hacking tools’ is immediately offered an array of sites where they can quickly download highly disruptive tools. Many come with user ratings, operator guides and money-back guarantees. They are available to rent, buy, rework or franchise. They appear almost legitimate.
Yet for those hungry for hacking tools, this is just the start. Navigate onto the dark web and you’ll find yourself winding through the digital underworld of cyberspace’s most notorious black market, a Mos Eisley for cyber weapons vendors, creating a booming cyber arms marketplace outside the parameters of the law. Weapons of choice for hackers here tend to be those that dramatically simplify and multiply sophisticated cyber-attacks. These range from automated distributed denial of service (DDoS) ‘Stressor’ tools, which overload networks with reams of data, to dictionary attack tools that generate endless password combinations in a bid to break into private devices.
The increase in availability of automated hacking technologies coincides with a rise in the magnitude of online attacks. In 2015, Symantec found more than 430 million unique pieces of malware, that’s a 36 percent increase on the year before. Last year, the Dyn attack saw 100,000 IoT devices hijacked and used as platforms for launching the largest recorded cyber-attack of its kind. Earlier this year, the WannaCry ransomware attack infected more than 300,000 computers, hitting dozens of healthcare organisations in the US and bringing down multiple trusts within the UK’s National Health Service.
Easily available, automated hacking tools are allowing amateurs to carry out sophisticated cyber-attacks and swelling the armies of hacktivists and cyber criminals. However, the resources needed to defend and mend cyber security vulnerabilities, aren’t keeping up. The largest ever survey of the global cyber security workforce predicts a shortfall of 1.8 million cyber security workers by 2022. This isn’t just a problem for the future, Indeed, the world’s number one jobs site, reports that employer demand for cyber security roles is three times higher than candidate interest. Security experts are expensive to hire, costly to train and at risk of getting headhunted – often just when they’ve got to grips with your system!
As automated hacking tools make attacks more likely and the cyber skills gap weakens our traditional defences, we need to find smarter ways to protect ourselves from the rising threat. This is something that larger businesses and military organisations are already addressing. These organisations are on the frontline of the cyber war, facing thousands of attacks every day. To give some perspective, towards the end of 2016, the U.S. Air Force, whose network consists of more than 1 million airborne and ground-based networked computer systems, estimated there were more than 1 million cyber attacks on its network on a daily basis.
In order to contend with the scale of such a rising threat, organisations such as the U.S. Air Force, the FBI, Deloitte, PayPal and KPMG have been amongst the first to implement ‘intelligent’ cyber technologies within their organisations to ensure their networks and computer systems are fortified against the most vicious cyber-attacks thrown at them.
Large organisations and the military are not the only ones targeted by machine-aided hackers. In the UK alone, small to medium sized businesses were subject to an average of 230,000 cyber-attacks each across 2016. The rise of automated cyber-attacks means that every organisation with a connection to the internet is under threat. Therefore, the adoption of automated cyber security technologies, machines fighting machines, is vital.
The cyber security skills gap means we don’t have the people to constantly reinforce cyber defences. Instead, we can use machines to conduct rapid, detailed and accurate audits.
This enables organisations to free their cyber security teams from firefighting and engage them in strategy, implementation and active defence. How do we know that automated tools can save time, money and resources? The real proof is in the application. The WannaCry ransomware attack in May led to operations being cancelled in 48 NHS trusts across the UK. Yet those parts of the NHS using intelligent autonomous cyber security ‘audits’ to find system risks were largely unaffected. The autonomously gathered intelligence, used alongside other tools, ensured preventative measures were in place to successfully protect themselves. Finding the right combination of automation tools, in an industry famed for its “smoke and mirrors”, can be its own challenge – but it’s one worth pursuing.
Intelligent automated systems can now replicate the work of high-level security professionals, analysing networks, systems and devices with the speed and effectiveness of expert security teams. This technology is putting the defenders on a level playing field with the increasingly automated attackers and can enable organisations of all sizes to compete with the next generation of cyber-attacks.