What's it take to be a Hacker?

There was a great article in the Wall Street Journal on March 14th that talked about the state of hacking.  In U.S. law a state-actor is someone who is acting on behalf of a government.  A non-state actor is someone who isn't acting on behalf of a government.  In times past, to hack was an expensive and time consuming task.  You had to have special knowlege and special tools and had to gather information about the people you were hacking.  But no more. Chris Roberts who is the Chief Security Architect at Acalvio Technologies said this:

"…Years ago, if we wanted to break into your environments, we had to do the intelligence, the gathering of the data, the analytics, the attack vectors and then understand how to execute.  Nowadays all I do is go online and buy half of those tools.  I buy that as a service.  So the only difference now between the nation-states and (a hacker) somebody like ourselves is the financial resources at hand."

Did you catch that phrase in the center "I buy that as a service".  That means that they buy the software to hack into businesses like yours and they are given technical support!   (sarcasm on) So they can properly break into hundred or thousands of businesses (sarcasm off).  So no longer do they need special skills, and deep knowledge and do extensive research.  If you have the money, you can purchase that online.  It no longer takes deep pockets.  

So what do we do about that?  You do what we did.  We invested in new tools that look for obvious problems and run monthly scans on the network to make sure that we have all the basic security issues in place.  We invested in behavior-based tools.  Our Antivirus Anti-Malware product looks at your computer system and establishes a baseline of behavior.  If your computer falls out of that baseline, it triggers warnings that let every other computer in your network to go on high-alert.  If it sees bad behavior, then it knows which files are affected.  So if you have important customer data, then it tells you exactly which data is affected, reducing the risk of having to protect it.  We also do the same behavior based analysis on our firewalls and routers, so we are alerted if something looks suspicious.  Those are the kinds of tools that we include in our E.S.P. plan.

Today, Saks, Lords and Taylor announced a data-breach on millions of their credit cards.  Wouldn't you hate to be them?  Call us.  217-352-1582

Tim