Hackers are at it again — not that they ever really broke it off. Normally I don’t get too wound up about data breaches. Since no one ever e-mails me, I was OK when the hackers hit my Yahoo! account, and the breach of retail giant Target didn’t bother me personally since I’m not allowed to shop there anymore. But now they’ve gone too far!
The Beverley Hill’s headquarters of United Talent Agency (UTE), Hollywood’s premiere talent agency, got hacked yesterday causing “widespread disruption across the industry.” Meetings had to be canceled, and the hack even shut down an industry-wide database completely slowing down the work of agencies across Tinseltown. Oh the humanity! If this kind of behavior keeps up we may never get another private viewing of a Shia LaBeouf masterpiece.
As much as we hate hackers, they are creative and determined. And now they’re applying sound economic principles, with the benefits of customer service. Some ransomware hackers have brazenly established call centers and technical support lines to simplify the process of paying the ransom. By keeping the ransom amounts affordable, their victims find it much easier to pay up than fight. Good luck getting service like that from your internet provider.
Hackers are also good students of human nature. They know how we tend to choose our passwords, how we absent-mindedly respond to phishing emails and how we find click-bait headlines irresistible.
Fortunately for us all, cybersecurity professionals are fighting back using an age-old law enforcement tactic called Cyber Threat Intelligence (CTI), and it means, essentially, that “to catch a criminal, you have to think like a criminal." The goal of CTI is to better understand a hacker’s nature by studying and identifying their motivations and what they fear.
IT security expert Alex Holden of Hold Security said in a press release from security and governance association ISACA, “Hackers exploit our systems, bringing unmeasurable losses to businesses, individuals, and society. And they are winning. How do we stop them more effectively? We need to study their patterns, goals and social habits to make their ill gains more difficult and unfeasible. Through real-life examples, we need to learn how hackers pick their targets and how to make our infrastructures less attractive targets for them.”
While Holden admits that “there are no universal hacker deterrents,” he does believe there are ways to slow down their advances over time, and offers five tips to build and improve an enterprise’s threat-intelligence:
- Gain a better understanding of hackers' motivation.
- Understand and employ the mitigation techniques recommended to counter the latest attacks.
- Build effective defenses against real threats.
- Learn how to outsmart hackers at their own game.
- Improve and strengthen access management.
“We are not going to be afraid of the unknown,” said Holden. “There are viable steps to formulate a plan to deter hackers — to make them turn away at the door, and even if they try their virtual assault, to ensure they are met with alarms and proactive actions specific to their attack type.”
My advice to young people considering an IT career is that cybersecurity is as hot as ever, salaries are high and there are more jobs are opening every day. Every company, organization, and government is in need of skilled cybersecurity professionals. It's time to strike, while the iron is still white-hot.
About the Author — Calvin Harper is an associate editor for GoCertify and a veteran of the publishing industry. Calvin swears he was framed. Have you ever been inside a Target? How hard would it have been, really, to sneak the perfect quantity of motor oil, marshmallows, and live monkeys past the front door and into the electronics department? Also, his favorite Shia LaBeouf movie is this one.