As I was listening to
“The Future is not Blockchain. It’s Hashgraph.“ I had a question as they were discussing how a potential attack could come into their product, i.e. what if 3 out of 5 cheaters were in a card game? Obviously the cheaters would win, unless the game was found out to be cheated and you could enforce something to recoup losses.
The problem we have is we are on the Internet, and we have to be, so my question came as an obvious, how many bad characters are on the Internet right now?
Let’s list some of the known actors:
- Ransomware creators (criminal syndicates in friendly legal areas – East European countries)
- Ransomware creators (bad state actors – like NorK, Iran, and to some degree China -only because China has some local government that can do this for some time – and any others that push their weight around)
- Malware creators that want to make Bitcoins or Monero by using your computers to mine cryptocurrencies.(could be anybody)
- DoS (Denial of Service) attacks causing threats and ransom in other ways are sold on Darkweb for money, so anybody can attack anybody else(competitors, neighbors etc.)
The reality is we do not know “exactly” our adversaries, and there are estimates that ransomware cost $5 Billion in 2017, but numbers can be inflated.
But let’s turn that around – if your device receives ransomware and you cannot unlock it then stating statistics of millions (or Billions) of dollars means little when your device is not working.
So yes it is good to know your adversary, and there is no shortage of criminals and their methods to extract more money from their marks(people who do not know how to defend their computers).
What does that mean to all of us without exaggeration?
So we know there are a lot of cyber criminals, and they are constantly looking for you to mess up. They are becoming more sophisticated not less.
So here is a report by Mandiant (a Fireeye company) that investigates last year’s actual breaches and other activity as they have found at client sites and more- you can click on the report without registering.
There is also an interesting statistic they have compiled: “Dwell time” the number of days that there is evidence of a compromise on the network before detection.
America dwell time was 75.5 days in 2017, an improvement of 23.5 days(was 99days).
The average for the world was 101 days in 2017.
So this is an interesting statistic and is in line within Cybersecurity discussions as I know them. A bad character once they breach a network they will stay under the radar for a while, then performing their stealing or destruction before they are found.
So if we use both sets of information we know the Cyber criminals are making a lot of money and they are very sophisticated. They are not like the old “script kiddies” where it is fun to see what mischief to get into. Today’s bad characters are here to stay, to make more money this year than last.
We have to become more sophisticated as we keep using more of the Internet with more technologies.
Contact Us to discuss the sophistication of attackers and more.