Safeguarding against next-gen cyber risks
HP’s Alex Holland explores the techniques and technologies teams can use to keep their organizations protected from the next generation of attacks
The notion that cyber security is ever-shifting is widely understood, but it’s important to define what this means, exactly. The scale and impact of cyber crime have dramatically increased over time. In the last decade, in particular, the rise of ransomware has made cyber security a major talking point at the highest levels, and in the boardroom.
So what’s changed? For starters, the cyber crime industry has undergone a radical transformation into a more professional and industrialized outfit, with established supply chains and markets. Alex Holland, senior malware analyst at HP, tells TechRadar Pro that far from the stereotype of “hackers in hoodies”, cyber crime now really is “big business”. Indeed, according to research by HP, the dark web is fuelling the way cyber criminals collaborate, trade, support each other’s attacks, and monetise attacks too.
One of the immediate threats in this shifting landscape, as far as enterprises are concerned, has been managing their workforce during the pandemic and in the aftermath with the rise of hybrid work. “That’s created a lot of challenges for enterprises, because they need to configure their devices remotely, they need to defend their devices remotely, and we know that endpoint visibility – in terms of security and detecting threats – has always been a challenge for the enterprise,” Holland explains. “Also, enterprises need to be able to defend and recover from these attacks should the worst happen.”
This blurring of the lines between an employee’s personal life and professional life, too, poses a major risk for businesses. Research HP published last May revealed 71% of employees say they access more company data, more frequently, from home. At the same time, office workers are increasingly using their work devices for personal tasks – with 70% admitting to using work devices for personal tasks like checking emails.
“We find that using work devices, in particular, for tasks like opening webmail is very dangerous. Email is the top vector,” he continues. “We consistently see that from the data that we analyze in my team, and email is essentially a direct route into the enterprise. Once you’ve compromised an endpoint, it allows attackers to spread laterally and really cause a lot of damage.”
Ransomware, meanwhile, continues to be a thorn in the side of enterprises across the globe. Identifying how ransomware is evolving, though, might help contribute to the defensive efforts. The threat has shifted from an opportunistic type of cyber attack, say, ten years ago, into one that’s calculated, deliberate and involves multiple elements. For instance, Holland explains, rather than aiming to encrypt a single device, operators might target an entire fleet of devices. In order to achieve these complex goals, though, hackers specializing in different areas are beginning to collaborate with each other.
“For example, every intrusion requires an entry point,” Holland says. “Unauthorized access is really important and really valuable in the cyber crime ecosystem. So, what we find in these dark web marketplaces [is] you have threat actors who are specializing in selling unauthorized web access, or initial access.”
Holland says HP aims to counter these threats by building security into the hardware – which is complemented with the Endpoint Security Controller hardware chip. This secure-by-design approach relies on having a firm foundation and verifying the integrity of a system. The manufacturer supports an array of security features, ranging from firmware security to detecting malware running in memory to isolating risky activities. The other side of the equation is configuring devices before they’re shipped to employees, with HP offering services to provide a company’s preferred security configuration right from the production line.
“We’ve been working on secure by design hardware for more than 20 years, and one of our key focuses has been on resilience,” Holland says, with HP’s approach a combination of preventing attacks, detecting malware and other threats, and recovery.
“It’s very easy to be a doom monger and talk about how bad cyber security and cyber crime is,” he continues. “I think there is actually hope to reduce cyber crime, but it requires a collaboration between Intel and HP, [and] it requires interventions from governments.
“We need to increase the effort required for attackers to successfully compromise networks – and we have the technologies available to do that. We also need to reduce the rewards, so that when they do compromise these networks, they're unable to access crown jewels.”
To hear our full conversation with HP’s Alex Holland and learn more about which tools and techniques businesses can use to mitigate the threats posed by the changing cyber crime landscape, watch the video above.