16th June 2020
Security Evangelist, David Jacoby is part of The Global Research Analysis Team (GReAT) at Kaspersky which makes up one third of the leading cybersecurity firms employees.
At the recent, annual SAS@Home, he spoke about the evolution of how cybercriminals have changed the way we work with the internet.
It was the era of pop music and everything about the modem. Jacoby says, “This was a time where collecting usernames and passwords was tracked manually or simply written on a Post-it Note. Password cracking was uncommon because computers were slow and did have enough CPU power. War dialing was used to dial difference phone lines to identify if it was a fax machine or a main frame in the system. Dumpster diving, while popular in the 80s, does not exist today.” Targets include modem connected devices such as recycling machines or telecommunication equipment.
Cybercriminals moved away from modems to the internet. Jacoby who is based out of Sweden says, “We opened Pandora’s box with the internet. Stack overflows was something new and exciting. We also saw a lot of software being exploited during this time. However, something else changed. People started to use individual computers and soon after started attacking individual computers. Hence, web and mail servers online was on a rise in attacks in the 90s.”
Reuse passwords were severely common in the year 2000. Remembering multiple passwords proved difficult which made things easy for cybercriminals. Unlike the 80s, this era showed that software vulnerabilities and supply chain was popular for cybercriminals. Jacoby says “Targets include a new wave of mobile devices. I would also consider a laptop an avenue for being used as a mobile device as it is connected to different places and can be moved from one place to another easily.”
Jacoby points out that cybercriminals aren’t really changing their techniques. He says, “If you look at trends, it is the people who made security complicated. People create new technology but often fail to consider computer security. Cybercriminals on the other hand, work on routine and structure. They will continue to use similar techniques in the future.”
One key factor that has changed, is the motivation behind an attack. Since the millennium, white hackers now publish vulnerabilities and this has brought changed to the security landscapes. In the 80s, people deemed this unfavorable. Fast forward today, the new age acknowledges white hackers as heroes and the industry rely on them to find vulnerabilities. With a growing cybersecurity skills gap and short-staffed security teams, many organisations are turning to bug bounty programs to expand their breach prevention capabilities beyond their internal teams. Jacoby ends by saying, “White hackers are heroes. We need them for the betterment of improving security risks.”
About KasperskyKaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.au.