The Channel Angle: Why The Right Cybersecurity Stack Can Prevent Killware
‘A person or bot cannot gain unauthorized access of a system if security is properly implemented and accurately enforced,’ writes Guillermo Vargas, CEO of IT consulting company WeCcode.
[Editor’s note: The Channel Angle is a monthly CRN guest column written by a rotating group of solution provider executives that focuses on the triumphs and challenges that solution providers face. If you are a solution provider executive interested in contributing, please contact managing editor David Harris.]
Today, cybercrime is booming due, among other things, to hackers using malware to hold companies’ information systems hostage. Whether lives are lost in the process has been irrelevant to some of these cybercrime gangs. To begin, killware is software (beyond ransomware) that, when used, harms or kills people. Currently, the most common form of killware is “lethal malware.” What is more, “weaponized operational technology environments to successfully harm or kill humans” is three years ahead of its prediction. For example, recovery from the cyberattack by the Conti ransomware group (now disbanded into several groups) cost the Irish public healthcare system, Health Service Executive, around $600 million (circa 2021). Undoubtedly, one or more weaponized OT environments were employed to achieve such a catastrophic hack. In this case, the correlation of lost lives due to the ransomware group’s attack has yet to (if ever) reach mainstream media. As of June 2022, two ransomware cases (one in Alabama and one in Germany, a case that was later dropped) were allegedly responsible for lost lives. It is important to note that ransomware hitting these systems, whether responsible for lost lives or not, is also a major problem. To be clear, killware or any malware infecting information systems can be prevented or mitigated by using proper security stacks.
Of course, creating a virtually impenetrable security stack requires meticulous design and even more careful implementation. Nonetheless, achieving an impenetrable system is possible and has already been accomplished by various organizations during real-world vulnerabilities and breaches. In one case, LastPass’s encryption methodology of employing multiple layers of encryption protected its customers from the OpenSSL vulnerability, the Heartbleed bug, that actively compromised 66 percent of real-world websites between 2012 and 2014. In short, multiple layers of security hardened LastPass’s information systems. Business leaders must understand that any place where company data lives and travels must be secured. The places where data is stored or travels are websites, computers, health information networks, financial ledgers (public and private), external storage devices, phones, tablets, smart watches, the Internet, etc. Obviously, data will live and travel in and to more places as time goes by. More specifically, today, there are more than 25 billion devices that can connect to the Internet, and there will be around 40 billion devices by 2025. With all of that said, there are only two types of entities for a hacker to attack – client side and server/host side. Simply put, to steal data, hackers can attack an end-user’s system, e.g., router, phone, laptop, IoT, etc., or the organization hosting the data, e.g., firewall, server, API, etc. Additionally, the mathematical foundations that secure all information systems have never been broken. For example, it is impossible with today’s knowledge for humans or computers to create a real formula for prime factorization of large numbers. Nevertheless, Internet-connected devices are still getting attacked less than every minute.
The reasons for more attacks today than in the past are simple. First, as previously mentioned, there are more devices that can be hacked today than there were yesterday. Second, hackable devices do more now than they did in the past, such as mobile banking and cryptocurrency trading. Third, the previous two reasons are reason enough, even though cybercrime could cost $10.5 trillion by 2025.
Organizations can prevent or mitigate killware, ransomware, spyware, etc. by securing all components of an organization’s information systems. A security stack that will work needs to include software, hardware, people, processes, and policies as part of a company’s systems’ defensive and offensive security strategies. In conclusion, a person or bot cannot gain unauthorized access of a system if security is properly implemented and accurately enforced.
Guillermo Vargas is CEO of WeCcode, an IT consulting company based in Plantation, Fla.