Source: MIL-OSI Submissions
New Zealand needs to look at cyber security differently and understand risk to be more secure, says an expert in the darkweb.
Joerg Buss, a director at Darkscope, says people always talk about defence, when they don’t understand what they are up against:
“It’s like building a flood wall in a desert – what’s the point in having strong defences when it’s in the wrong place, there’s no knowledge about the nature of the attack and you get burned by the sun?”
Buss says he wasn’t at all surprised about what’s happened at the Waikato DHB because he spends his work week analysing thousands of darkweb threats and this shows we have the wrong approach to cyber security.
“It was only a matter of time before one got through – someone let their guard down and wallop. In the aftermath, even the Minister talks about all DHB defences being strong when the conversation should be about identifying the risk in the first place. This shows a remarkable lack of understanding.
“Comments are made as if this is a rogue attack or a special case, but that is far from the truth. The internet is awash with attacks and this one was quite small compared to many others around the world. Organisations in New Zealand need to wake up to this reality.”
He emphasises that cyber attacks are now just part of business, they are not going away and there is a desperate need to be better at understanding the threat.
“Currently, we don’t know what we don’t know and the reaction to risk is to go to the nearest cyber security vendor, buy defence and think “box ticked”, or “that’s sorted”. We believe what the vendors say because they sell defence.
“With the focus on defence, the language is all about protecting business risk or the impact of an attack, when we need to look at cyber risk and find information about where the attack is coming from. The two are very different. An army has never won a battle without intelligence and this is the same.
“What is needed is a deeper appreciation of who the cyber attackers are and how they think.
“They aren’t hooded tech geeks working in a dim basement as is often depicted in the media. They work for organisations that look like any other business, they have strategy workshops, business plans, bright offices and even expense accounts. There’s even collaboration between hacking organisations.
“Their work is carried out on the darkweb and until New Zealand organisations understand what’s happening in this clandestine environment they will not be protected against the next attack.”
Darkscope’s system monitors countless darkweb channels, forums and marketplaces as well as Telegram groups. We see hundreds of new databases from businesses, which just have been compromised. Some of them are available for free but most of them are for sale on darkweb markets.
For example, over the last 24 months, our system has found 9,800,000,000 records from different databases. All these records are available for free but only count for a small portion of the overall market as most databases are for sale and not publicly available.
In addition to these, our system has seen 174,345 offers for stolen data ranging from $20 up to $50k. There have been more of these appearing in the last 12 months.
While writing this, one group published 19 new databases within 12 hours!
Darkscope International is a 2018 start-up with more than 20 years’ experience focused on security intelligence. Darkscope is the first joint human and AI business specialising in training and using artificial intelligence to provide assistive technology, enhancing human expertise in cybersecurity. With its own cutting-edge AI and Deep Artificial Neural Networks scattered over the darkweb, Darkscope leads the world in cyber intelligence solutions. Darkscope is a New Zealand based organisation working across international markets to deliver real world actionable cybersecurity solutions.
Darkscope is a registered trademark of Darkscope International Limited.