Have you ever wondered where the bad guys that use ransomware and other malicious code actually get it all from? The options are pretty limited: either the computer systems that we all use for our businesses every day are about as secure as a paper bag in a hurricane (so breaking into them is easy), or someone out there is putting some extreme effort into circumventing the, often elaborate, wide-ranging security features that we have in place. Our enemies are the criminals that make use of these tools: are they really that smart and well resourced, or are they just using tools that someone else built and if that’s the case then who built them and for what purpose?
To be blunt: This is an arms race. The enemy has ever more powerful ways to compromise our business systems from a distance, and we must have increasingly sophisticated means to prevent this from happening. We need to do this, because if we don’t then the enemy will win.
To get back to the question though, where do these tools come from? It increasingly looks as though the weapons that the enemies wield were forged in the furnaces of the NSA. The National Security Agency (NSA) is the best resourced spy agency in the world and doubtless has a myriad of covert uses for the tools that it develops. Although the ethics of the NSA, and its activities, are at best questionable, it is fairly safe to say that this organisation poses no direct threat to the average UK business. Put simply, why would your average UK business be of any interest to an organisation like the NSA? No motive, no actions.
There exists an age-old issue with making weapons, regardless of whether we are looking at rifles, malicious computer code or nuclear warheads. It is that when, not if, they fall into the wrong hands, they will be used against whoever now holds said weapons wishes to use them against.
The story goes that the NSA’s “Equation Group”, described by Kaspersky Labs as “one of the most sophisticated cyber-attack groups in the world and the most advanced … we have seen”, is the creator of these code-based weapons. One advantage that the NSA has is that, well, it’s the NSA. This means that as a clandestine division of the government, it can do pretty much whatever it likes.
Going back to around the year 2000, Microsoft had failed to remove the debugging symbols in a service pack for the operating system Windows NT. This revealed a complicated backdoor had been put in called NSAkey… There never was any formal admittance that this was what it so obviously looked like but let’s just say that the case was fairly strong. In short, the NSA may actually have access built into Microsoft products by design, rather than just trying to work out clever means to get around security. All this in addition to having the best hacking resources and the access to the best minds to turn into hackers! The NSA must think that the world is its oyster with all these incredible tools, intellects and weapons.
Then the tools/weapons got out.
Supposedly, an NSA contractor managed to wind up with a compromised laptop by installing a dodgy version of MS Office which included a trojan. Needless to say, the hackers had stumbled upon a treasure trove of malicious code, a veritable arsenal of weapons which would allow them to wander around the internet “in God mode”. These were sold on the dark web initially and then released into the wild by a hacker organisation that called itself The Shadow Brokers.
We now live in a world where our enemies can access a lot of that we would prefer they did not. They can cause mayhem from afar: blackmailing your business, stealing and usually destroying your data. Their weapons were crafted in a combination of built-in backdoors and very clever coding by those that profess to be allies, and the weapons really are very effective. They are now being pointed at businesses such as yours, pointed by criminals who do so for profit. These weapon-wielding criminals know their stuff and are ready to take you on.
The question is, are you ready for them? Are you adequately prepared to face your enemies?
If you would like to be put in touch with a participating Brigantia partner for help and advice with security and training (from the likes of Heimdal Security, KnowBe4, Bitdefender, CyberSmart then please call Brigantia on 020 3358 0090 or email partnersupport@brigantia.com.