17 November 2022
Written by Jia Fu, Head of Information Security
The recent geopolitical conflict has further complicated the cyber threat landscape, yet despite the drama of 'cyber war', the industry has never been as exciting as it is now. Indeed, the cyber security skills gap is not only a focus of the nation's cyber strategy this year, but also a recurring hot topic in the field.
In this article, we'll explore what's happening in the cyber world, often deemed 'mysterious', how cyber security professionals are contributing, and what it takes to become one of us.
Our Cyber Threat Landscape
Yet another Uber data breach thanks to the prolific Lapsus$ gang, just weeks after Uber's former Chief Security Officer was accused by the US court of being personally culpable for covering up the company's 2016 breach...
Deep fakes that impersonate high-ranking officials, whether politically motivated or financially focused...
A rise in phony accounts on Twitter caused by the new Blue subscription, and chaos following the acquisition, which led to its C-level security and privacy executives resigning...
Persistent destructive attacks on critical infrastructure by heavily funded nation state actors, who are often intertwined with commercially minded cyber-criminal groups...
Indeed, the cyber world is never short of intriguing stories.
The threat actors behind all this are no longer, as in the old days, teenage boys in hoodies having their fun in the basement; they have shifted to organised crime gangs, hacktivists, and nation state APT (Advanced Persistent Threat) groups. As revealed in the infamous Conti leaks earlier this year, for example, the cyber gangs are professionally organised, with proper tiers of leadership, affiliates and partners, various job roles, an HR recruitment process, and defined salary and annual leave structures. Big players sell their hacking tools on the dark web to less tech-savvy ones. An ecosystem of its own has been rapidly expanding.
Roles of Cyber Security professionals
Will people like you and me be targeted?
It all depends, of course, on the nature of the threat actors and their motivation. An amateurish attacker hopes for opportunistic financial gain by targeting as many people as they can: for instance, social engineering through LinkedIn that exploits opportunities presented by the 'Great Resignation', deep fakes of wealth management gurus tricking us into investing in crypto, or a malware-embedded ad or mobile app implanting information stealers on our devices. A politically motivated hacktivist might choose to target an organisation, yet their initial entry point might be through the online accounts of individuals. Even when it comes to high-profile nation state actors, we can all be part of the collateral damage, as in the landmark 2014 Yahoo data breach, where 500 million user accounts were compromised by the state-funded attacker to cover up one or two true targets.
With the complexity of the threat landscape, the diversity of threat actors, the prevalence of attacks and the wide range of targets, cyber security professionals are resolving real-world, societal issues.
So, what are our predictions for 2023 that cyber professionals are tackling? Nation state funded espionage activities will continue, along with disinformation operations. Ransomware attacks, although they dropped earlier in the year, mostly due to the Conti leaks, are never short of new variants with similar TTPs (adversary tactics, techniques, and procedures), with double or triple extortion as the end game. Supply chain risk, as escalated by the SolarWinds attack back in 2020, will be a focus, to the point of understanding that our organisation's cyber posture must include our suppliers' cyber posture too.
What does this all entail?
In tackling this, Sun Tzu's motto from two and a half thousand years ago still applies: 'know the enemy and know yourself; in a hundred battles you will never be in peril'.
This is where a passionate, successful, rewarding cyber career starts.
It is that understanding of the threat actors' attack chain, that knowledge of our weak points, and that strategy for fixing these weak points in the context of our business environment and external threat intelligence. And that weak point can be an email account, an insecurely configured system, an open firewall port, a legacy application with an outdated operating system, a laptop with a poor security posture, a supplier that's storing our data, and so on.
The invitation is: which role do you want to play in this process of defending against that shadowy, elusive, mysterious figure that's nosing around at the back of our cyber ecosystem? Are you that super-duper techie person who's excited about discovering how the attacker bypassed your anti-virus and dropped a stealer or wiper? Or are you obsessed with studying the human factors in the attack chain, with a passion for stopping seasonal shopping scams, which cost UK citizens 15 million last Christmas? Or are you that planner and strategy maker, looking at the bigger picture from a vantage point and feeling the urge to bring processes and defence mechanisms holistically up to standard?
And this indeed is the charm of a cyber security career. It is versatile, diverse and multidisciplinary. Be it a security engineer, an operations analyst, a risk management specialist, a user awareness advisor, or a threat intelligence hunter, there is an interesting menu for you to choose from. Whichever route you choose, fortunately, you'll benefit from some universal traits: teamwork, discipline, integrity, duty, strategy, problem-solving, and the ability to react and adapt quickly.
The End.
References:
Lapsus$ group - https://en.wikipedia.org/wiki/Lapsus$
Conti leaks - https://en.wikipedia.org/wiki/Conti_(ransomware)
Yahoo data breach - https://en.wikipedia.org/wiki/Yahoo!_data_breaches
SolarWinds attack - https://en.wikipedia.org/wiki/SolarWinds