What’s the Status of Today’s Cybersecurity Industry?
At the time of this writing, cybercrime certainly does pay – it takes in at least $1.5 trillion in profits per year, and that number is still growing. Some projections anticipate it causing $6 trillion in yearly damages by the time 2021 rolls around. The cybercrime industry is worth $200 billion per year, and there’s been a 67 percent increase in security breaches over the span of the last five years.
Phishing has grown in popularity to reach the top spot, targeting approximately 76 percent of all businesses. Phishing is a multi-purpose attack vector for cybercriminals, delivering ransomware or other types of malware, tricking the target into handing over sensitive data, or stealing credentials that allow them to access your data at their leisure. Making it an even worse threat, many who have been phished successfully don’t realize it until the ramifications set in. These attacks are responsible for the exposure, theft, or corruption of billions of records annually.
It should be pretty clear at this point why businesses need to be concerned about cybercrime.
However, cybercrime wasn’t always as huge of an issue as it is now.
Believe it or not, the global threat that costs economies trillions each year was once a simple research project. An individual named Bob Thomas realized that a computer program could potentially be able to travel across a computer network, leaving a trail behind. He designed a computer code that he nicknamed “Creeper.” The aptly named Creeper was meant to traverse the ARPANET, moving from Tenex terminal to Tenex terminal, carrying its message:
“I’M THE CREEPER : CATCH ME IF YOU CAN”
When Ray Tomlinson – the inventor of email – took notice of it, he created what was effectively the first-ever computer worm. He then wrote another code, named “Reaper,” which hunted down Creeper and deleted it – effectively inventing antivirus.
Leveraged By Criminals
Cybercrime was once much different than what can be observed today. In the 1980s, Soviet hackers considered the benign applications that academics had designed, and speculated the same concept could be used to infiltrate other networks. By 1986, a German hacker named Markus Hess successfully hacked into an Internet gateway that the University of California at Berkeley hosted. With this connection, he had reached the ARPANET. He ended up hacking a total of 400 computers, including some Pentagon mainframes, and planned to sell the secrets he had absconded with to the Soviet Committee for State Security, which translates to Komitet Gosudarstvennoy Bezopasnosti… otherwise known as the KGB. Through cooperation between the Federal Bureau of Investigation and the government of West Germany, Hess was caught, and became the first to be convicted of a cybercrime. He was handed down a 20-month suspended sentence.
This just so happened to coincide with an increase in both connectivity and the severity of viruses, making the threat that a virus could pose much more considerable.
Cybersecurity Software’s Development
In 1988, software engineer Robert Morris tried to measure the Internet, but it didn’t exactly work out that way. His plan was to write a program that would spread to different networks, infiltrating Unix terminals, and replicate itself. The problem is, the “replication” aspect was so efficient, it slowed down the entire Internet and had serious ramifications. “The Morris Worm,” as it came to be known, was the reason that the Computer Emergency Response Team was formed (you may know it by its modern name: CERT). Now a professor at MIT, Morris has the distinction of being the first person convicted under the Computer Fraud and Abuse Act (CFAA).
After the Morris Worm had been taken care of, the development of viruses exploded – and the antivirus industry followed suit. When the Internet could first be found in the home in the mid-1990s, there were dozens of antivirus solutions. These solutions would reference a database of virus code signatures, testing a computer’s binaries against it – potentially identifying major issues.
As the mid-nineties rolled around, the Internet had just a few thousand known viruses on it. Come 2007, there were about five million different strains of malware, from worms to viruses to Trojans and many, many more. 500,000 different malware strains were being created on a daily basis by 2014.
Security solutions needed to improve, as the antivirus solutions that so many relied upon were unable to scan for malware quickly enough. Fortunately, new methods arose. There were endpoint protection platforms (EPP), which would scan for similarities between malware families, rather than specific file types. This was effective because a single idea often spawns many examples of malware, so the EPP approach is a simple way to identify threats in code.
Malware continued to advance, and once it started using additional tools to overcome endpoint protection, another solution was needed. This became abundantly clear when the WannaCry ransomware used a previously patched (and seemingly largely neglected) security flaw to encrypt its targets’ data, forcing them to pay a ransom in Bitcoin in order to access it.
This made it very clear to industry professionals that playing catchup wasn’t an effective strategy anymore, and that they had to at least match the pace of cybercriminals. This meant that threats needed to be easier to detect on the network, which called for increased transparency. To accomplish this, endpoint threat detection and response (EDR) services became popular as a means of proactively monitoring networks and resources. This is the cutting edge, and where we stand today.
White Mountain IT Services can help you manage your cybersecurity solutions, protecting your network and the business it supports. To learn more, call us at (603) 889-0800 today.