Disclaimer: I am currently not in the IT Security field, so take my opinion with a grain of salt. I have worked in IT since 1990. I am very good at securing individual endpoint devices. I started using computers, the Internet, and email back in 1988. I have never been hacked, never had a virus or spyware infection, and never lost data.
MORE DEVICES TO PROTECT & VALUABLE INFORMATION
I am sure everyone realizes that in 2016 we have more devices connected to the Internet than we did in 80’s, 90’s and early 2000’s. The number of connected devices will only grow. The hackers have more targets to attack. It is not just about the number of devices, but the information these devices contain. Hackers realize that increasingly servers, computers, tablets, and smartphones contain valuable information. As the value of the information increases on our devices, you will have more bag guys trying to access networks and our personal devices to steal information.
After hearing yet another story on the news about a security breach, a co-worker asked me, “Why can’t those security people stop this.” I started by saying that I am not trying to make excuses, but it seems like ALL types of crooks (not just computer hackers) are often one step ahead of the good guys. This may be the case because they are more motivated by money, there are more of them and security pros have to be perfect. A hacker may have tried to break into 50 networks and was not successful. However, when he attacked the 51st network he was successful. Depending on the company and the size of the breach, you may hear about it on TV. However, you will never hear about the 50 times the security professionals stopped the hackers in their tracks.
Per computer, a hacker has over 65,000 possible entry points. Before you look at your computer and count only 5 or so PHYSICAL connections\ports, I am not talking about physical ports. I am talking about software\virtual ports. More specifically, I am talking about TCP/IP ports. TCP\IP stands for Transmission Control Protocol and Internet Protocol. TCP/IP is how devices (servers, network printers, tablets, laptops, and desktops) connect to a network (Internet included) and talk to each other. There are 65, 535 TCP/IP ports. So, if I am a hacker, I have over 65,000 possible ways to remotely connect to your device.
HACKERS HAVE CHANGED
Many people today still have the same image of a hacker they did 10-15 years ago. The image is of a pimpled-faced teenager in his room trying to break into other people’s computers. Today’s hackers are grown men that are very talented, educated, and work for underground hacker organizations\companies. Believe it or not, some of these hacker companies have customer service departments. Hacking today is a very well financed and organized crime.
Back in the old days you had to have skills to be a hacker. You had to know how to write code and exploit TCP/IP. Today with a credit card anyone can be a hacker. Hacker companies create kits you can buy and then use them to break into computers…no skill needed. Basically all you need to know is how to install the kit\software, point it to the network\computer you want to attack and click a few buttons. If the kit does not work as you expected, you can contact the customer service department of the hacker company.
LACK OF APPROPRIATE EMPLOYEE TRAINING AND KNOWLEDGE
Typically the weakest link in any security program is the human link. You can spend all the money you want on expensive and sophisticated security hardware and software, but a few bad clicks (clicking on infected emails or websites) by employees could negatively impact the entire network. I have met many people that work for organizations (not in the IT department) that tell me, “My job is not computers and it is definitely not security. I have enough to worry about just trying to do my job. I don’t have time to be, nor do I want to be a security superhero.” I understand. However, these same people are not police officers yet they have:
A security system in their car
A security system in their home
Carry a gun
Take self-defense classes, etc.
No one is asking you to be a security pro, but there are some basic things we all can do to make the hacker’s job tougher. I think proper employee training would go a long way in decreasing the chance of an organization having a security problem. Proper training may include:
Talk to employees first to get a clear picture of what their job is and how security may fit into their daily duties.
Design a class\training that’s specific and relevant to employees.
Make the class succinct, but thorough. People are busy and don’t have a lot of time and may start to lose interest if the class is too long.
Make the class fun and engaging. Don’t just stand in front of people and lecture, but have some hands-on moments during the class.
Security training should not be a one-time event. However, you should not have a class every week as well. You have to find balance based on the type of business you are involved in, threat levels your organization faces and feedback from your employees.
THE $17,000 MOUSE CLICK
Be vigilant. There is always a hacker awake somewhere in the world trying to figure out how to access systems. In 2016 and beyond, to some degree, security is everyone’s job.
John L. Jones