Hacking has been around for as long as technology has existed. In the movie “Imitation Game”, British computer scientist, Alan Turing, hacked the “Enigma” machine to intercept and translate cryptic Nazi messages during World War II. It saved lives! Recently, CIA Director John Brennan’s emails were hacked and published on Wikileaks.
Generally a malicious act, hacking is done with the intent to steal, cause harm or make a statement. “Hacktivism” or hacking for activism was made (in)famous by Julian Asange, the founder of Wikileaks and Edward Snowden, both “hacktivists”. Another new breed of hacking, has largely been enabled by cloud computing. Hacking-as-a-service is available to anyone with a malicious intent. Cloud-based software is readily available to hack, steal, sell and make a profit. The hacker is not necessarily the stereotypical “slightly awkward teenage computer whiz”. It is a new business model that is estimated to generate upwards of $30 million in revenue annually. State-sponsored hacking, or cyber warfare, targets Governments. Electrical grids, server farms, transportation or water supply are particularly susceptible to this type of hacking. Cyber-warfare has the ability to impact large geographical areas or countries. And this is just the beginning.
Hacking is now considered organized crime. We have seen an alarming increase in use of “ransomware” by hackers to access, encrypt and hold hostage sensitive or valuable business data. Usually, the perpetrator demands money (between $500 to $2000) to decrypt the data and return it back to its rightful owner. So as to not be traced easily, the ransom is required to be paid in “Bitcoins”, a cyber-currency.
Irrespective of the hacking method, the mission is to search for “gold” so that it can be sold, held for ransom or provide access to power. While most hacking we hear about are high-profile events like the credit card data breach at Target last year, small and mid-sized businesses are equally at risk. They generally do not have the technology budget to secure their IT infrastructure. Fortunately, many small and medium businesses we work with have implemented or are considering implementing security strategies that do not cost an arm and a leg.
A multi-layered protection strategy, one of which should detect threats before the attack occurs, is the most effective way to combat hacking. Firewall, anti-virus, anti-malware and DNS security are some of the solutions we use. Ultimately, the battle has to be fought in the cloud – cloud-based solutions for cloud-based threats. And always remembering an ounce of prevention is worth a pound of gold.