By Hugo Sanchez, founder and CEO of rThreat
Just a few weeks ago, the FBI released a statement confirming that one of its servers had been hacked over the weekend, resulting in thousands of spam emails carrying a fake cyber attack warning being sent to individuals and companies across the country. In a statement issued to address the incident, the bureau clarified that the attack did not compromise its systems or allow any outsiders to access its data.
The mere fact that this attack was possible, however, highlights the daunting problem with our cyber defenses: they are not impenetrable, and gaps cannot be actively identified because the defenses are not tested in battle.
In a world where cybercriminals are becoming more intelligent and our technology is evolving with each passing day, it is inconceivable that our attitude towards cyber defense should remain unchanged. To counter and combat tomorrow’s attacks, we need to pivot in order to strengthen our defenses, protect our cybersecurity, and use threat emulation, not simulation, to determine vulnerabilities.
The concept of modern penetration testing was dreamed up in the 1960s. In 1967, more than 15,000 computer security experts, government and business analysts gathered at the annual Joint Computer Conference to discuss concerns that computer communication lines could be infiltrated. The initial penetration testing was conducted by the RAND Corporation and the government, and most systems failed the test immediately, confirming the legitimacy of the concern.
Today, penetration testing has evolved to enable ethical hackers to test the vulnerabilities of a system through simulated cyber attacks. A recent survey found that 70% of companies perform penetration testing as a way to measure their security level and 69% do it to prevent breaches.
But these tests are flawed. Simulations using threat signatures are not enough to ensure adequate defense, and testing cyber security in this way is like testing a bulletproof vest by firing blanks.
The biggest difference between attack simulation and attack emulation is that attack emulation shows the strengths and weaknesses of a threat actor. In attack simulation, it is possible to recreate the exploitation aspect, but if the testers do not use the same tools and make the same mistakes as the threat actors, they will be unable to create defenses that detect those same mistakes.
Another problem is that current methods suggest the use of customized and modified attacks to test cyber defenses, while in reality it is essential to replicate how the system responds in real-life situations by using, during security tests, the same tools and the same errors that threat actors use.
Those who rely on machine learning or AI-based solutions also have to deal with the possibility of the program learning incorrect behavior during simulated attacks, as the attacks are based on the latest threat intelligence or do not indicate what the threat actors use. In addition, since attack simulations are not actual attacks, they run the risk of not being recognized as a threat by security controls, making it impossible to be sure the controls will work in real-world situations.
Experts who have been following the FBI breach point to the possibility that the lack of malicious email attachments is simply due to the hackers finding the vulnerability without a specific plan for exploiting it. But Austin Berglas, a former assistant special agent in charge of the FBI’s New York office cyber branch, summed up the problem succinctly: “It could have been worse.”
Leaving our systems vulnerable to attack is unacceptable when there is a better way. Breach and attack emulation solutions can be more dynamic in nature, exposing a company’s infrastructure gaps and mimicking real-world threat actors’ strategies, allowing organizations to prioritize the gaps that represent the biggest threat to their networks.
We have come a long way in our understanding of cyber threats and detection methods, but our defenses are a few years behind. The government would not send troops into battle with faulty equipment, and it is time to take a similar stance with our cyber security. Battle-testing is a necessary next step for our defenses, and unless we take it, we are leaving ourselves vulnerable to threats that could bring our country to its knees.
About the author
Hugo Sanchez is the founder and CEO of rThreat, a breach and attack emulation software that challenges cyber defenses using real-world and custom threats in a secure environment. Learn more about Hugo and his company at www.rthreat.net.