The threat from automated delivery of scripts etc (bots) from the bad guys is only going to get worse, a discussion of at Akamai’s London office heard last week.
Picture shows (l-r) Talal Rajab techUK, Rob Russell, Rackspace, Richard Meeus, Akamai, Jay Coley, Senior Director, Security Planning and Strategy, Akamai (Chair)
Rob Russell, Cyber Security Specialist, Rackspace said; “The scale is gargantuan. Over half of internet traffic is bot traffic. 80% of that is bad bots and 80% of those bad bots are impostor bots. They take over devices that have no security built into them. It’s very scary in terms of scale and the actual effectiveness of these attacks. Organisations aren’t necessarily prepared.”
Cybersecurity specialists have focused on the distribution of the denial of services, since that’s where there’s the biggest increase in sophistication of bots, he says. There’s also the increase and development of IoT, with the development of internet enabled devices. All these smart systems make it a lot easier to take-over these machines.
And the growing involvement of Internet of Things is going to make it worse. Talal Rajab, Head of Cyber, at techUK told the group that IoT’s aren’t necessarily sophisticated devices. “These are just consumer devices, so you’re not thinking about security. As you see an increase in these types of devices, you see the landscape getting worse. If you look at the evolution of AI, traditional defences aren’t working, the bots are learning and adapting.”
With the advent of cheap IoT consumer devices, it will only get worse, he says. Hackers are learning. They’re using AI to figure out how to get around company defences, and companies need to take this seriously, he warned.
He also highlighted the growth of crypto-jacking – using computer’s processing power to mine bitcoin. It’s using processing power, and companies don’t know it’s happening in the background. “It might be an area to focus on going forward.”
Richard Meeus, head of Security Strategy, Akamai: “We track requests going out to websites and crypto-jacking has had a dramatic uptake. At Akamai, we’ve also noticed a problem of credential stuffing. Everybody has been guilty of using the same username and password on different sites. That’s what the attackers realise. One breach can mean that the same username can be used across a myriad of different sites. [Malevolent] organisations take these botnets and use these huge datasets and run it against sites. They look at whether they are valuable assets and sell it on to actual criminals they want to monetise that asset.”
Rob Russell warned on the outcome: “Up until now, the security industry has always been playing catch up, it’s always been a response. That’s where the cybersecurity stack comes from, the landscape has become complex. We need to step away from technology being the answer and focus adding the human enrichment. You need the team around it to support that technology.”
It’s around awareness training and taking the human factor into account, he says. “There is too much of a heavy reliance on security, you wait for alarms to go off and it’s only then that you respond to them.”