
INTERVIEW: SolarWinds MSP security VP lays industry bare

03 Apr 2018

Cybercrime is a business, and the rising number and severity of attacks are not a result of criminals getting smarter and more skilled – a lot of businesses are just maintaining poor ‘cyber hygiene’.

That’s the opinion of SolarWinds MSP VP of security Tim Brown, who has over 20 years of experience in cybersecurity including roles at Dell, Symantec and CA Technologies.

“The threat landscape is always changing and that’s the constant we have. Since it’s a business, people are always looking for new methods to infiltrate systems and gain controls. When considering whether it’s better or worse, we see some signs that it could be becoming a little less benign and less angry, but still extremely active,” says Brown.

“Take crypto mining; this has evolved because the bad guys don’t necessarily want to be so bad—it’s easier to not inflict harm. They see crypto mining as an alternative as long as they’re getting their pay-out. One positive is that our ability to be able to stop threats is getting stronger, and we have an increased level of awareness (due in part to the media) that enables us to implement faster and smarter detection and response plans.”

Brown says that when you look at cybercriminals, there is organised crime, and then there is the unorganised group that is just looking for a quick dollar.

“The criminal marketplace is pretty segmented. Some people are in place to create a botnet, some to discover a botnet, and some are using that to do a DDoS attack. The main avenue of attack is still the basic one—bad cyber-hygiene—and criminals are always searching for weak points,” says Brown.

“They will do a broad scan and look for systems that are vulnerable and then move sideways to attack. It can be broad-based or specialised, like we see in certain verticals. Take education for example with pre-credit youth data. Every type of data has a value on the dark net.”

Brown says while there are some cases where cybercriminals have become smarter and more skilled, the majority of attacks are still a result of poor hygiene.

“So when you look at organisations who do well on their hygiene, and you look at others who don’t, you can see a spike in attacks. It’s one of the reasons we are seeing a shift to the bad guys targeting more and more small-medium sized businesses who don’t necessarily have the same levels of sophistication or resources to protect themselves as larger organisations do,” says Brown.

“The cybercriminals use them as an entry point to get to the bigger organisations. That’s what we saw with the Target attack and the HVAC vendor that ‘let them in’ unknowingly. This is becoming a bigger and bigger problem for SMBs, which is why outsourced security services make a lot of sense for them.”

Brown says service people around the world are increasingly being trained to have cyber skills because there is no question that cyber is one of the largest battlefields of the future.

“The thing about most nation states is that they’re playing by rules they’ve played by for a long time; they’re just changing the attack method,” says Brown.

“But what they want to achieve is the same as it’s always been, such as competitive intelligence gathering, governmental and political influencing, compromising assets such as critical infrastructure, election tampering, etc. It’s not that it’s so different now; they just have different tools to play with, and those tools happen to be cyber.”

SolarWinds MSP recently conducted a survey of more than 200 UK and US IT security leaders on their awareness of, and ability to defend against, major cyberattacks.

“Looking at attacks like WannaCry, Petya, and the Vault 7 leaks, we found that a majority of businesses across all sizes don’t have the right resources to be able to overcome these types of threats. According to the survey, there is a continued increase in IT skills shortages which plays a large factor,” says Brown.

“In addition, less than half of respondents believe their organisations’ enabling security technologies and budget are sufficient to prevent, detect, and contain risk. Taken together, these findings support earlier results that show a low rating by security leaders about their organisation’s ability to curtail cyberthreats, such as ransomware or Vault 7-type attacks.”

As for what type of attack businesses need to be more aware of, Brown says that while vertical and geography may play a role, it comes down to one thing.

“The bigger and more important factor is, what is the organisation’s crown jewels? In other words, what are they worth to the bad guys and how can the bad guys use them to infiltrate theirs and other connected systems? Our recent cyberthreat survey interestingly showed that about 30 percent across the board don’t feel these factors are that critical. And to a large degree, they’re right,” says Brown.

“An organisation needs to be sure it has a good incident response plan in place that gives it the ability to act swiftly across people, process, and technology, to lessen the probability of an attack and its impact, if one occurs.”
