The Most Compromised Element in the Chain of a Cyber Scenario is You

474294047

What is the top risk facing the cybersecurity of our organizations, agencies and governments? Hackers from Russia? North Korea? China? Nope. It’s you and me. “It’s really easy to read humans and also really easy to manipulate humans,” said Ian Yip, CTO at McAfee Asia-Pacific. “No matter what you hear from me in terms of all the technology and the hacking and the Dark Web, it is still the human that is usually the most compromised element in the chain of a cyber scenario. It’s the human that we are most worried about.”

Yip addressed a crowd of more than 200 anti-fraud professionals in Sydney this week at the 2018 ACFE Fraud Conference Asia-Pacific and highlighted two of the largest cyberattacks in history when speaking about what the past and present can tell us about the future of cybersecurity.

Most of the audience was familiar with the WannaCry ransomware attack in 2017, but fewer had heard about the NotPetya malware attack that penetrated companies worldwide through outdated software. WIRED’s Andy Greenberg published an article in August of this year, “The Untold Story of NotPetya, the Most Devastating Cyberattack in History” which detailed the estimated $10 billion attack from discovery to lessons learned.

As Yip echoed in his presentation, the malware attack knew no boundaries, starting with the shipping giant Maersk in Copenhagen and expanding to ports all over the world. It affected other companies like Merck (an estimated $670 million lost) and Europe’s FedEx subsidiary, TNT Express (an estimated $300 million lost). Maersk shut down for two weeks until they were able to rebuild their network after finding one domain controller in an office in Ghana.

Greenberg closed his article with this warning, “… NotPetya reminds us, distance is no defense. Every barbarian is already at every gate. And the network of entanglements in that ether, which have unified and elevated the world for the past 25 years, can, over a few hours on a summer day, bring it to a crashing halt.”

Yip, too, discussed the implications of what would turn out to be an act of cyber warfare between Russia and Ukraine, and the threats facing all organizations today. “When you hear us say that attackers are getting more sophisticated, this is what they are doing,” he said. “This is third-party risk in action.”

McAfee has one of the largest threat intelligence databases globally. According to Yip, it registers five threats per second and receives 51 billion queries per day. To put that in perspective, Yip reminded the attendees that Twitter gets 500 million tweets per day. But, the statistics do not tell the entire story; they only tell an important one: that companies must wake up to fact that cybersecurity threats are real and must work to mitigate them.

Yip closed with three tips for organizations:

  1. Assume they [hackers] are already in.

  2. Figure out what you want to protect.

  3. Cooperation and collaboration are essential.

“As I said before, we have a systemic issue; we don’t have a technical issue,” Yip said. “Take some responsibility. We have to take ownership as citizens and human beings.”