Cyber attackers prey as work shifts to homes

Cyber attackers around the world — ranging from criminals to state actors — are taking advantage of the massive global shift to working from home in the age of the coronavirus pandemic and escalating cyber attacks, senior former American and Israeli defense officials warned during an online Cyber Tech USA conference last week.

Nadav Zafrir, former commander of the IDF 8200 signals intelligence unit and managing partner of the Team8 company, spoke with former CIA Director David Petraeus, today a partner at the KKR global investment firm.

Zafrir said the probability of cyber attacks is “the new normal.”

“Attackers have no price of failure, leading to asymmetry and leading to the acceleration of the threat,” he said.

Petraeus, the former US commander of coalition forces in Afghanistan, concurred, saying that “digital trust is the foundation of everything that we do when we go online.

“Seven, eight months ago, we all shut down on very short notice and uploaded to Zoom, to Microsoft Teams, to iPhones, Android and laptops. We came home and started operating from home offices. In many cases, we hooked into router networks that are local.”

While some companies are using virtual private networks, he said, in general, there is little cyber security, “if at all,” under such conditions. “The bad guys know this and sought to take advantage, significantly escalating phishing attacks and diabolical ways of getting into the network.”

Attackers are going after personal data, intellectual property, sensitive transactions and a host of other items, he warned. The threats are posed by cyber criminals, radical organizations and nation-states. In the pandemic era, said Petraeus, “almost everyone has moved to the cloud, whether they were ready or not. This disruption has indeed created new opportunities for nation-state attackers, criminal hackers, even for extremists. They are trying to take advantage of these opportunities.”

To ensure digital trust and beat back the threat, he said, companies require solutions designed for their needs.

Petraeus described a “consistent, comprehensively integrated and managed cyber-security solution. It’s not enough just to have verification of your identity or identity management. You have to have your firewall, cloud service and end-point protection by AI-enabled cyber security. You need to have anomaly detection. You have to train the workforce.”

“I just fended off a suspected phishing group from an Iranian group that is well known,” he added.

“This is a little bit like counter-insurgency. The counter-insurgent has to protect all infrastructure. The insurgent has to find one vulnerability. The same is true with a cyber-defender and a hacker. The sheer number of hacks has escalated very dramatically.”

Petraeus said it remained unclear if companies would ever return to the old way of doing business, adding that reliance on mobile devices is vastly greater than in the past and operating from home may become a permanent fixture.

Avihai Ben-Yossef, co-founder and CTO of the Cymulate company, which simulates cyber breaches and attacks for clients, previously held a leading technological role in an IDF intelligence unit.

Ben-Yossef described how his company begins “with recon” for clients, “trying to get as much information we can on the organization,” whose defenses they then test.

“We try to understand where the exposed service that you got online is, which password was leaked. We’ll use these as we go. We’ll test the email gateway. If someone wants to send an email with malware, will the gateway block it? Will users download malware, will they go to phishing websites?”

Cymulate will conduct a host of tests, including checking to see whether firewalls actually block malicious requests, and who in the company is likely to click on such requests.

“Once we get in, we’ll test your end point, showing you how we can stay in,” he said. “How far can we pivot in the network? Can we reach the crown jewels? Can we extricate data back home?”

During the conference, former Canadian Justice Minister Irwin Cotler, also the founder and chair of the Raoul Wallenberg Centre for Human Rights, warned about a “political pandemic” that is spreading throughout the world, fueled by online platforms. He described a “resurgent global authoritarianism, including a digital authoritarianism,” and a “backsliding of democracies. There is a global assault on global freedom,” he said.

Cotler described a “dystopian use of cyber tech to assault democratic values and fundamental freedoms. Where the tech races ahead, the law lags behind. The technologists are beating the lawyers.”

He cautioned about the proliferation of state-sponsored cyber warfare, assaults on electoral grids and the use of social-media bots, which he described as being “more important than boots on the ground.”

“We have developed the Geneva Conventions for laws of war, but we have yet to develop a legal regime on the matter of cyber warfare. Here, too, the scientists are beating the lawyers and with adverse consequences,” said Cotler.

“The weaponization of social media by global autocracies to repress dissent at home while engaging in disinformation and destabilization abroad” formed a top priority threat, he added, as is the explosive increase in hate speech on the Internet, which can lead to offline violence.

This includes Holocaust-denial speech by the Iranian regime, and state-sanctioned genocide incitement by Iranian Supreme Leader Ayatollah Ali Khamenei.

“Prohibiting such state sanctioned incitement to genocide is not just a policy option. It is an international legal obligation. Those who perpetrate such incitement must be held to account,” said Cotler.

To address the challenge, he called for establishing universal quality seals for ethics and human rights that should be given by governments to tech companies that meet good practice standards.

The end goal, he said, is to “create a situation where we control the algorithms and the algorithms do not control us.”