In an era of ransomware and other targeted attacks, enterprises have to be always on alert to prevent themselves from being hacked. Due to IoT, new attack vectors are constantly being opened – such as Industrial IoT. In an interaction with Nivedan Prakash, Raimund Genes, CTO, Trend Micro, shares his analysis on why some areas deserve far more greater attention, than traditional areas.
Please highlight some of the current trends prevailing in the security domain?
Till a couple of years ago, everyone in the industry used to talk about APTs (Advanced Persistent Threats). But now discussions have shifted towards modern-day malware, which includes ransomware. Unlike APTs, ransomware is pure profit for cyber criminals.
As threats have diversified and grown in sophistication, cyber criminals have moved on from primarily targeting individuals to focusing on where the money is i.e. enterprises. Cyber threats reached an all-time high in 2016, with ransomware and Business Email Compromise (BEC) scams gaining increased popularity among cybercriminals looking to extort enterprises.
Throughout last year, we witnessed threat actors extort companies and organizations for the sake of profitability and we don’t anticipate this trend slowing down.
The other trend that we are witnessing is that our industry is not a vendor driven market. We have to always react to the behavior of cyber criminals. I believe that our competitors are these fast and dynamic cyber goons and not the likes of Symantec or McAfee, as these people with profit motive keep changing their behavior dramatically. As a vendor, you just can offer one piece of technology as it will sooner or later become irrelevant. For you to survive in this fiercely competitive market, you have to invest in different security solutions; you need a set of different technologies to safeguard your assets.
At this point, everyone in the industry is talking about Artificial Intelligence and Machine Learning and the benefits associated with them. But soon you will find the cyber criminals fooling these technologies as well. While we are also witnessing an influx of security startups in the global market that are focusing on user behavioral analytics, most of them specialize on a single technological area. These kinds of startups won’t survive for long, as the behavior of cyber criminals is changing constantly.
Among the modern-day threats, which ones are blown out of proportion?
In the past, APTs were blown out of proportion. I used to refer such threats as targeted attacks, as these were nothing but modified malware. There is no point in making a hue and cry of such attacks and giving them some sophisticated nomenclature. In the current scenario, one over-hyped area is ‘end-user IoT’. People are talking about ransomware on IoT devices, but I believe it won’t give them any RoI. Hence, they might use some other tactics to exploit IoT devices. In IoT, it’s all about economy of scale. When we did drone hacking at Trend Micro, the industry looked at it as cool stuff. But people with malicious intent want more and more money.
Today, nobody is putting attention towards Industrial IoT, which is more vulnerable than end-user IoT. There are high chances of a power grid or a power generator getting blown up or a smart city getting shut down with the modern-day threat vectors. To quote an example here, Trend Micro conducted its own analysis of Shodan (an online search engine that scans cyber assets or Internet connected devices looking for any security flaws that could open them up for attacks) data for February 2016 and found that millions of Internet-connected devices in the US, including many in the most sensitive industries, are vulnerable. But luckily, cyber criminals have not yet found a business model of making money by targeting Industrial IoT.
However, I don’t see modern-day malware getting over-hyped and certainly not from the big security players. While a few small vendors are still trying to cash in by blowing things out of proportion, customers at large are aware of the situation and they easily figure out when it’s over-hyped. There is an urgent need for us to realize the reality that we are constantly under attack that is multi-fold and not just one vector. Today, in the era of social media, every corporate and individual is vulnerable to cyber attacks. It’s nice to remain visible but at the same time, it opens a window of bigger vulnerability.
Looking at these trends, in which areas did Trend Micro invest recently?
We have made huge investments in areas like cloud security, next generation endpoint, breach detection system, endpoint detection and response, security information and event management, and identity and access management.
Next year, Trend Micro will be completing 30 years in the industry, and unlike most of the players in the market, we have been profitable in this long journey. The reason behind our strong growth and continued success is the diversification of products that we offer to the customers. A lot of traditional players still rely on consumer revenue but looking the changing dynamics of the market, we understood well in advance that our consumer revenue will decline.
Hence, we made good investments in areas like cloud and network security. Although losing consumer revenue in most of the markets was a painful experience, we covered it up by cementing our place in the enterprise security domain.
Cyber criminals have always been a step ahead of security vendors. Can we expect the reverse in the near future?
We could be ahead of the cyber criminals, as we already have the technology to beat them. But it changes the way we use the computers. If I am appointed as a consultant to your organization, I would ban every BYOD device as well as the usage of Android devices. And I would force you to use the PC connected to the Linux server. PC is considered as the best invention of the mankind but the whole ecosystem has been created in such a manner that we are prone to all sorts of cyber attacks. In order to remain ahead of the cyber criminals, we need to bring a radical change in our approach.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]