The Human Hack: The Oldest Trick in the Book
We’re out in Las Vegas this week for the annual Black Hat conference. With discussions of cybersecurity and hacking on the tip of everyone’s tongue, one can’t help but become a bit paranoid. And, of course, for many this week is just a prelude… an amuse-bouche for this weekend’s DEF CON hacking show.
Last year, the Daily Dot published a story called “The art of hacking humans” which discussed the Social-Engineering Capture the Flag contest that has been running since 2010. In it, participants use the best tool a hacker has at their disposal – their wits – and leverage tall tales and social subterfuge to convince unsuspecting victims to provide sensitive information in exchange for points. A few slip-ups here, a comment about applications there, and boom! You’re hacked and on the front page of the New York Times.
For the companies being “Targeted” (such as big box retailers who will remain nameless…), the contest was originally viewed as a nuisance. In the years since its inception, however, the Capture the Flag contest has gotten the thumbs up from many a corporate security expert. Its participants engage annually to test their mettle and help potential hacking victims understand their vulnerabilities. It’s a white hat education in what not to do and has made strides for corporate awareness.
Human Hacking Starts With… Humans (duh)
As we know, most malicious attacks begin at the endpoint, because that is where the humans in your company live. All it takes is access from a nebulous location to do serious damage. But rather than think of hacks as something to react to or a mere process to be killed, we need to remind ourselves that behind every attack there is a person. And ultimately, that’s who we need to arm ourselves against. But how?
Since companies operate in the real world, we must all accept that there are those who would do us harm. Rather than try to prevent hacks from taking place, we need to re-wire our brains on the matter. The key is identifying malicious user behavior as it is occurring so that you can respond accordingly. The new era of endpoint security is focused on this ability to visualize user behavior, inspect and analyze it quickly, and then respond rapidly. At Black Hat we are showing folks how they can continuously monitor the fringes of their network so that when (not if) breaches occur, they can be swiftly cut down.
As a wise man once said, “You can’t secure what you can’t manage and you can’t manage what you can’t see.” The result dramatically reduces time-to-detect and time-to-respond (TTR). And that’s no lie.