Monday, December 9, 2024

Author: Hackers, Industry Locked in ‘Arms Race’


The United States is under attack by cyber terrorists. Major corporations have been brought to their knees. Government agencies are too entangled in their own web to protect business or the infrastructure.

That’s the premise of a new book, No Outward Sign, by longtime cybersecurity strategist and consultant Bill Neugent. Of course, in the world Neugent has created, the hero is a ‘cyber vigilante’ and he falls in love with a beautiful FBI agent. And of course, American companies aren’t really under attack.

Or are they?

Neugent says people shouldn’t be so sure. The author’s day job is chief engineer for cyber security for The Mitre Corporation, a high-tech consulting firm for the federal government, and he says he wrote the book to offer up a warning — a warning of possible things to come.

In an interview with eSecurityPlanet, Neugent says virus writers are actually a God-send, and adds that we’re far more vulnerable than most people believe. He also says we’re in a security ‘arms race’ and right now, the good guys aren’t doing so well. But that could all change too.

Q: Bill, you’re a real security guy — an expert. Why write fiction instead of a how-to?

I have the bug — the writing bug. I thought I would write the novel I’ve been wanting to write and also do a public service by showing how it feels from an insider’s view to be under attack. I wanted to draw attention to the kind of vulnerabilities that we’ve been experiencing recently with worms and blackouts. I got a lot of calls during the blackout with people asking if my publicist arranged it.

Q: What is the message that you’re trying to put out there?

My message is that we’re naked in cyber space… I have a lot of guys who work with me and if they wanted to, they could write a destructive worm that would have catastrophic effects across the world. There’s no defense against that. No defense. No defense. It would be easy. They could use a Zero Day flaw. Or as soon as the patch is announced, they could write a worm within a day or two. Without having done anything particularly hard or creative, they could cause a lot of destruction. None of the worms we’ve been dealing with have been particularly bad.

Q: Recent worms and viruses have caused a lot of damage. How could they not be bad?

They could be a lot more damaging than they’ve been. The hackers who’ve written these worms and viruses have done us a wonderful service. Every time they do that, they raise the security bar on what vendors need to do to provide normal business-grade security. It’s not us calling for it. It’s hackers writing worms and viruses that have raised that bar for security. Thanks to hackers, we’re better protected against organized crime and foreign nation states that want to harm us.

Q: How vulnerable are we today?

Highly. Nation states right now can build that malicious worm. They don’t because why would they kill the cow they’re milking so successfully. It’s really easy for them to break in. Our own government red teamers succeed in breaking in every single time. If our guys, using Internet-grade tools, could do that, an adversary could do the same. But they don’t because our networks are more valuable to them up than down.

Q: Why is that?

Hackers like to own systems so they can launch attacks against other sites. Organized crime is wonderfully successful stealing money over the Internet. Look at identity theft. The Federal Trade Commission says it’s the number one complaint from consumers. Identity theft is a huge, huge problem. Criminals all over the world are stealing money so they want all these networks up.

Q: But there obviously are countries and terrorist groups that would love to damage our infrastructure. How much of a threat is that really?

There’s a lot of reported evidence of terrorists studying cyber terrorism. A couple of months ago, the FBI arrested a student at the University of Idaho. He had alleged Al Qaeda ties and he was getting his Ph.D. in cybersecurity. It means that cyber terrorism is not at the top of the terrorist job jar but it’s in the job jar. It’s not their priority but they’re working it. They haven’t gotten to the point where they’re an active force but it’s just a matter of time.

Q: What do you think IT managers should be focusing on?

Automatic patching or as close to that as possible. For critical patches, their installation must not be dependent on users. That’s absolutely fundamental. It’s a critical part of our infrastructure that we have not had.

Q: What kind of coming attacks are worrying you the most? Are you expecting bigger and more destructive worms? Are you looking for a direct terrorist attack?

It’s hard to predict the future. What I expect is terrorists to finally get some traction in this domain and launch attacks. They won’t cause a digital Armageddon. It’ll be serious but limited damage. It’ll be done along with physical terrorism. They might blow up a bridge and then launch a cyber attack on the 911 system so people can’t call for help.

Q: Are American businesses safer now than they were six months ago or even two years ago?

That’s a tough one. Losses are greater now. That’s proof that maybe we’re not so safe. I expect that in two to three years, especially as Microsoft’s investments start to pay off, we’ll see substantial improvements in cybersecurity. But the number of vulnerabilities has been doubling every year and the number of attacks has been increasing at at least that rate. Our security is better, but we’re no safer. It’s an arms race and the bad guys are advancing as well as the good guys.

Q: Who’s winning the race?

I think we’re losing a number of battles right now. For right now, I think the bad guys are winning. They’re getting money. They’re getting information. If they really wanted to launch the destructive malicious worm, it would be devastating. They haven’t yet, but they’re capable of doing that.
