Identify your "vital ground" or your cyber effort is wasted

Tom Allen
clock • 3 min read
Have a plan for recovery, and then have a backup plan for when the first falls through
Image:

Have a plan for recovery, and then have a backup plan for when the first falls through

And the road to recovery is to plan, plan and plan again

When it comes to cybersecurity, knowledge is the first step in protecting yourself. 

Knowledge of your enemies, and of your own vulnerabilities. 

That was the message from Philip Ingram, a former senior officer in British Military Intelligence speaking at the Cybersecurity Festival last week. 

"If you know what they're after, that means you understand whether you're going to be targeted," he told delegates. 

"The thing that drives China is economics, money, intellectual property. if you can save billions of dollars by stealing someone else's development work, and then you just have to manufacture it, you've saved yourself billions of dollars and you can then use that to get out into the market in a much quicker way and get economic advantage. So, everything that drives China's attacks is economic advantage." 

In a similar way, Russian cyberattacks are driven by influence, both political and military, while North Korea is motivated purely by making money - mostly through cryptocurrency to avoid sanctions - to fund the ruling class's lifestyle. 

"I have a problem with Kim Jong Un. How can a country that doesn't allow its citizens to go to university...become a Tier 2 player? There are only two internet pipelines into North Korea. One of them...goes to China; the other one...goes through Russia." 

Ingram believes Russia and China are using North Korea as a patsy, launching attacks their victims will attribute to the isolated state to gain plausible deniability. Again - good knowledge to have, or even suspect. 

Why is knowing what attackers are after relevant for a defender? For the same reason knowing about attack vectors and methodologies is important: to defend against them. Knowing what the threat is and, just as importantly, what the attacker is after will immediately tell you if you are a target of interest. 

If you determine that you are a potential target, the next step is to identify "your vital ground or key terrain - the bit you cannot operate without." 

"If you can't identify it you're wasting a lot of effort," said Ingram. 

And, of course, you can't forget about your vulnerabilities: your people, systems and network. Ingram showed off a device called Flipper, a multi-device hacking tool built using open-source tech, small enough to fit in a pocket. 

"How many of us have policies that would actually look for devices like this on our employees?" 

The road to recovery 

So, you've identified your main threats, your vulnerabilities and your vital ground. What's the next step? To prepare for the inevitable breach, because even if you know everything about your network, no-one can ever be 100% sure they're safe. 

Have a plan for recovery, and then have a backup plan for when the first falls through. It sounds like a lot of work, but preparing to manage the reputational fallout will pay dividends. 

"You can recover from the technical side of a cyberattack relatively quickly, but trying to recover a reputation can take years." 

Hacking groups like Anonymous, realising how damaging it can be, have moved on to attacking companies' reputations directly by releasing data from companies they have breached, or calling them out online for what are seen as shady practices (for example, continuing to operate in Russia). 

Knowledge, Ingram reiterated, is the key to it all. Determine if you're a target and use that to refine your preparedness - rather than just thinking about what a threat vector is. 

More on Business Software

Extending digital opportunities to LGBTQ+ communities: An interview with LGBT Tech

Extending digital opportunities to LGBTQ+ communities: An interview with LGBT Tech

Chris Wood and Kristen Kelley of LGBT Tech tell Computing about their work, and explain why it is needed as much now as it was was when this not-for-profit organisation was founded a decade ago.

clock 24 June 2022 • 5 min read
Girls are being inspired to consider science careers

Survey shows promising interest in STEM subjects from young girls ahead of International Women in Engineering Day

Today is International Women in Engineering Day and in a new survey Science and mathematics were voted favourite subjects by girls aged 11 – 16 years old.

clock 23 June 2022 • 4 min read
ERP and the slow road to the cloud

ERP and the slow road to the cloud

Unit4, like all ERP vendors, would love its customers to move to the cloud, but what can it offer to tempt them to make the switch?

John Leonard
clock 22 June 2022 • 8 min read