BOSTON—The nature of cyberattacks is changing and increasingly leveraging social media as they take aim at new targets. That’s the consensus of cybersecurity experts discussing the evolving nature of threats from nation states to hackers for hire.
That’s not to say ransomware isn’t going anywhere or that attacks on critical infrastructure are less of a threat today. Those threats are real and growing. But, panelists at the The Cambridge Cyber Summit, say an emerging new threat landscape is beginning to take shape.
“We think of the recent U.S. election hacks as a cyber Pearl Harbor. But, what happened there? We were thinking and looking in the wrong direction,” said John Carlin, chairman of the Cybersecurity and Technology Program at The Aspen Institute and former assistant attorney general for National Security at the U.S. Department of Justice.
“It’s hard to predict where threats are going,” Carlin said. “But it’s important that we re-conceptualize how we are anticipating the next attack. Increasingly, (adversaries) are not trying to attack our stuff. We need to step back and rethink how we are defending our networks, but also what needs to be defended,” Carlin said Wednesday at summit hosted by CNBC and The Aspen Institute.
New to the threat landscape experts said are not just breaches, ransomware and IP theft, but a threat to a way of life. The prime example, Carlin and others gave, is the use of social media to attempt to influence votes or drive division within a nation via Twitter and targeted Facebook advertising campaigns.
“We’ve been missing all the early warnings. More specifically threat actors acting on the behalf of nation states using technology in ways we wouldn’t have anticipated,” said Monika Bicker, head of global policy management for Facebook.
In that context, using the Facebook platform in an attempt to shape opinion with hundreds of dummy accounts and highly targeted ads is a type of attack that requires new defenses.
Those challenges become magnified as Facebook and internet services scale globally. That puts strains on companies such as Facebook to manage and police 2 billion user accounts—80 percent of which reside outside the United States. “If you want to create a dynamic environment you have to accept enforcement is going to be challenging. That doesn’t mean problem doesn’t get better. It just means there is a challenge there that didn’t previously exist,” she said.
But Chris Inglis, managing director of Paladin Capital Group and former deputy director of the National Security Agency, points to the Sony hack by North Korea as a pivotal moment when it came to nation states attempting to attack U.S. interests in unconventional ways. “North Korea’s objective wasn’t to destroy or steal, rather to humiliate Sony and it’s executives with leaked emails,” he said.
“Before the Sony hack, we never thought an attack might include an entertainment company,” Inglis said. “The attack was audacious, indiscriminent and not what we anticipated.”
The takeaway is for companies to rethink what they want and need to protect. “What are the crown jewels of your company?” asks Carlin. “They have changed from just a few years ago. Companies need to begin to reassess what is most important to government and private sector.”
Even with traditional threats such as ransomware, attacks are migrating away from individuals, to attacks against enterprises to nation state attacks, Carlin said.
Another social-fueled criminal trend are the rise of dark markets, said Rod Rosenstein, deputy attorney general, Department of Justice. “Earlier this year, we dismantled the largest dark market, AlphaBay,” he said. But the trend is for more dark markets to pop-up in its place.
“This is another disturbing trend that helps explain why data breaches continue to occur. It is the growth of dark markets that facilitate all matter of crime, from narcotics trafficking, to illegal firearm sales, to identity theft, child exploitation, and computer hacking,” Rosenstein said.
“We have to do more to stop dark markets if we want to disrupt sophisticated underground economy that ports transnational organized crime,” Rosenstein said.
Addressing an increasingly global threat landscape leveraging new types of attacks requires cooperation between private and government agencies inside and outside the United States, said Andrew McCabe, deputy director, Federal Bureau of Investigation.
“It’s about understanding our strengths and working together across maybe non-traditional borders to develop new approaches to that problem,” McCabe said. “The strength of our service providers and our social media companies is that they have developed these incredible platforms that allow people quick and easy access them to broadcast opinions important for our national and international discourse.
“We’re not going to shut that down, so we need to work with our providers to find how do we make them part of the solution. There is no law enforcement or exclusive intelligence answer to these questions. We’ve got to work together with the private sector to get there,” McCabe said.