Computer and communications security was on the minds of the 200 attendees of a conference hosted by NIKSUN (Princeton), a real-time and forensics-based cybersecurity/network monitoring company, on July 9-11, 2012.
The fifth Worldwide Security and Mobility Conference, held in Princeton, attracted senior members of the security community, who exchanged ideas on stopping future hackers and defending against attacks; big data and deep analytics and algorithms; next-generation network security; and security and mobile communications.
NJTechWeekly.com stopped by the conference on its first day, attending the talk “Cybersecurity State of the Art” by Parag Pruthi, NIKSUN founder, chairman and CEO, and a keynote on cybersecurity and mobile security from the law enforcement perspective by William Ralph Basham, Jr., former United States Secret Service director.
Pruthi provided example after example of attacks on companies, banks, cellphones, individuals and governments, recently launched in a continual barrage. There are “about 140 countries in a cyber arms race,” he stated, because those weapons can be very effective and there are no borders in cyberspace.
Pruthi said the shortage of security experts trained to deal with these attacks is severe: “I encourage those of you from colleges and universities to develop programs in the security area. We need thousands of graduates, not hundreds. We need 30,000 or 40,000 graduates knowledgeable in this space.”
“Wherever you look, no matter what government agency you are with, you cannot consider yourself to be safe,” Pruthi said. There are going to be people out there who will “drive by” or “create an advanced persistent threat” for their own reasons,” he added.
The conference happened to occur on the date many computers were scheduled to be knocked off the Internet, because malware known to have taken over DNS servers was redirecting users’ PCs to hijacked DNS servers. “The FBI knew about this for a long time,” stated Pruthi, “but a court order said, ‘you can’t shut these servers down because too many people would lose Internet service.’ ”
Pruthi chronicled the “ideological battle” between companies and countries and the groups Anonymous and WikiLeaks. For example, India recently decided to shut down sites that had pirated movies and other content, and Anonymous responded by breaching the websites of that country’s congress and supreme court.
“We are in an economic crisis, and people don’t have the budgets to safeguard themselves against these attackers,” noted Pruthi.
Companies like LinkedIn and Twitter are also under attack, he pointed out: “I think there’s a reason these companies are being attacked. Their primary driver is to get the service out there, and security often comes as an afterthought. Even when it comes, it is not keeping pace with the relevant events in the hacking community, just because there is not enough expertise.”
Hacker offensives are costly. When the PlayStation network was recently breached and hackers stole credit card numbers and passwords, Sony had to spend $171 million to deal with the breach, Pruthi said.
“Sometimes when we go to companies and talk to them about taking proactive steps, they don’t want to hear about it,” because it’s too expensive, Pruthi said. “We ask, ‘What is avoiding a $5 million expense worth?’ ” Breaches also have an effect on future sales, he added.
“There are still a lot of security folks who think it can’t happen to them, and that false sense of security is what causes some of these breaches.” A company like Sony can afford to hire the best in computer and network security, but ultimately, it’s a “leadership issue,” Pruthi said.
Many attacks are automated and take a matter of minutes or even seconds, but companies and governments may not even find out they’ve been hacked for months, Pruthi pointed out. “Recovery takes a very long time, and [in this situation] the attackers went away a long time ago. It’s very hard to catch them.”
Pruthi said companies can defend themselves against attacks if they know the method of attack. He called this the “known known.” Harder to deal with are attacks that are the “known unknown.” An example of this: I know that Anonymous is going to come after me on Monday, but I don’t know how. I can prepare for the attack, but I may or may not be successful. The biggest problem in intelligence is the “unknown unknown”: I don’t know what I don’t know.
This is the reason we have breach after breach, Pruthi said. “We don’t understand that the DSL router will have embedded Windows code that can’t be seen, and if there is an infection on an Internet server, my router may have the same infection.”
The goal, Pruthi summed up, is to turn both the known unknown and the unknown unknown into the known known. “That’s the battle we fight, the cat-and-mouse game,” he said.