Lessons Learned At The FBI’s Cyber Threat Intelligence Forum

Staying aware of how cybercrime is changing around the world is more important than ever – without a true understanding of how cybercriminals operate, how can you expect to protect yourself from them?

Attending the FBI National Academy Associates Cyber Threat Intelligence Leadership Forum provided stark insight into the state of cybercrime and cybersecurity around the globe in 2019.

To be honest, looks future is bleak. The cybercrime industry has never been bigger, with countless cybercriminals operating around the globe and here in the US, armed with easy-to-use tools and as many targets as they could hope for.

“Cybersecurity, and the unexpected threats therein, is what keeps me up at night,” said Jerome Powell, Chair Of The Federal Reserve, at the Forum.

What about you? How do you feel about cybersecurity in 2019?

It’s important to recognize that the growing rate of cybercrime comes down to one simple fact…

It’s Never Been Easier To Be A Hacker

All you have to do is know where to look – i.e., the dark web. It’s a part of the “deep web”, which is a much larger collection of websites that aren’t accessible through normal Internet browsers you and I use. In everyday web browsing, we actually only access about 1% of Internet data.

The rest is the Deep Web, and the black-market portion of it is known as the dark web. It’s here where wannabe hackers can get the tools they need. Hacking tools, zero-day exploits, stolen data, spamming and botnet services – you name it.

While the FBI, in conjunction with international law enforcement agencies, does what it can to stop the sale of hacking tools, the dark web remains a vital resource for cybercriminals.

At the Forum, presenters detailed the different types of cybercriminals a business may be targeted by:

1. Script Kiddies: These are inexperienced script runners, a nuisance at worst. They run automated hacking scripts that they find online, which can almost always be mitigated by conventional anti-virus software and firewalls.
2. Sophisticated Attackers: These are the cybercriminals that actually have some skill. They have found success in targeting small businesses with ransomware, earning some bitcoin, and embarrassing an IT team here and there.
3. Corporate Espionage: Cybercriminals aren’t always loners operating from their basement apartment. They can also be the competition. Just this month, Sweden’s Haldex reported suspected corporate espionage after a former employee stole a large amount of their financial data.
4. Organized Crime: These syndicates don’t just use intimidation to make money anymore – they’re gaining a presence online as well, executing DDoS attacks, blackmail, intellectual property crime and more.

And the most threatening type of hacking threat? State-sponsored attacks…

Foreign States Pose Major Threat To US Cybersecurity

China

China is by far the most clear and present threat to US cybersecurity, known as the source for countless cyber-attacks over the past decade. Just last month, it was reported that the Chinese state-sponsored hacking group APT10 conducted a massive spear-phishing campaign against US utility companies.

Beyond attacks against businesses and government agencies, Chinese parties even target private consumers. Tourists traveling to China have had their data stolen via Chinese developed apps, and the same is happening with apps used by their citizens as well.

Russia

Remember the Yahoo! data breach that affected up to 3 billion users? The largest known data breach at the time, it is now understood to have originated in Russia. Cybercriminals operating from Russia are highly capable and can’t be trusted.

Iran

Over the course of this summer alone, Iranians have launched multiple phishing campaigns against US organizations. And as with China, these attacks aren’t just business-facing – LinkedIn users were targeted with Iranian-based malware this year as well.

North Korea

Remember WannaCry? It’s been years since the WannaCry ransomware strain struck on the evening of May 11^th, 2017, encrypting the data of thousands of healthcare organizations in the UK (including the entirety of the National Health Service) and holding them at ransom. By the end of the weekend, WannaCry had infected thousands of networks in over 150 countries around the world.

WannaCry is the attack that put ransomware on the map. And before that even, North Korea targeted Sony Pictures because of their production of a movie that made fun of their leadership.

Mobile & Wearable Devices Are A Growing Vulnerability

The math is simple here – the more devices there are connected to the Internet, in use by everyday people, and collecting data, the more targets there are for cybercriminals. And by next year, there will be 25 billion Internet-connected devices.

Furthermore, 87% of today’s employees work mobile, making Bring Your Own Device policies a much bigger priority. By 2020, the number of smartphone users worldwide is expected to reach 2.87 billion.

No matter what kind of cybersecurity you have in place at the office, it won’t extend to the mobile devices that have access to your data.

This is a critical limitation of your cybersecurity software, and it’s obvious when you think about it – if your firewall is only installed on your work devices, but you let employees use personal devices and home workstations to access business data, then obviously you won’t be totally secure, and you’ll be left open to critical vulnerabilities that will only be more common in the coming years:

• Lost or stolen devices can do major damage to you, leading to compromised data and lost work.
• Unsecured Wi-Fi hotspots and other vulnerabilities allow intruders inside your private network.
• Mobile devices are becoming bigger targets for cybercriminals, who use malware and other methods to attack smartphones and tablets.

Is Cybersecurity Getting More Expensive?

Don’t make the mistake of looking at what your previous year’s budget for cybersecurity was, and assuming it’ll always be the same. Cybersecurity will continue to be important, especially as the cybercrime world continues to grow and develop.

You can’t afford to cut corners on your data protection measures. It’s wiser to look at what a breach will cost you, and compare that to your investment in cybersecurity.

After all, the global cybercrime industry will cause up to $6 trillion in damages in just a few years – will you be part of that number?