New Year, New Cybersecurity Resolutions

This past year we had the pleasure of attending a conference with guest speaker, FBI counterterrorism and counterintelligence operative Eric O'Neill. He is most noted for his key role in the investigation and takedown of double agent Robert Hanssen. You can read more about Hansen and O’Neil in our Byte Sized Reviews section on page 4!

Beyond the mind-blowing story of espionage, O’Neill left us with some incredible insight comparing today’s cybercriminals to those of the best traditional spies and identified how this view has inspired today’s term Zero Trust. Hanssen is considered the 1st cyber-spy and the most damaging using traditional spy tradecraft. His “success” was in his ability to compromise computer systems within the FBI. What this story highlights is the evolution of espionage. Today, most espionage takes place through computer penetrations, more commonly known as cyber- attacks.

I was working as a Defense Contractor while I was still in High School when I was introduced to industrial espionage. From that point on I was hooked on security, and it has been a cornerstone of my career ever since. I saw my first compromise in 1999, and we watched as the digital files were being destroyed in our Law Firm which included an extremely high- profile legal case that was all over the news. Later in my career, we were setting up family medical practices in retail stores across the country. Our offices were broken into, alarms were cut, and had just recently told a large corporation we would not be submitting our information to them so, was it coincidence? or espionage? That large corporation ended up standing up medical practices that looked like the ones that we designed and implemented.

While those were invasive thefts, today we are seeing more attacks related to Zero Day Exploits and Supply Chain Attacks. Prime examples of this are the SolarWinds hack, the Microsoft attack, and the Colonial Pipeline Ransomware attack that all took place this last year. In each of these situations, hackers are working as spies to learn about a company’s habits, vulnerabilities, and flaws that they were then able to exploit to gain access to internal systems. Much like how Hanssen knew the FBI’s flaws that allowed him to sell so much of our information WITHOUT getting caught. These situations and more often fail at having context to the situation (where attackers landed, where they went, and where they have been). Without context it is impossible to respond to an attack in the most appropriate way, often costing the company millions of dollars.

In taking this view of what a cyber-criminal really is, ZERO TRUST is a term that makes so much more sense. Zero Trust is a way to build your security infrastructure, so everything must authenticate in multiple ways to prove you are who you say you are. We are kicking “Trust but verify” to the curb for the more appropriate, “Don’t trust, verify everything.” While there are more elements to Zero Trust than what we highlighted here, it is something that is making the “New Year's Security Resolution” list for many of our customers.

Chuck Lerch