Darktrace’s Toby Lewis spoke with SiliconRepublic.com editor Jenny Darmody about the evolving landscape of cybersecurity and what the future holds for a more connected world.
For more than a decade now, we have seen the rapid advancement of technology in our everyday lives. More internet of things devices in our homes connect to each other and each of these devices are called endpoints, which is often a concern for cyber security experts.
This is not new information, but as we move into the future and more of the world’s critical systems and government agencies go online, cyber threats will become a bigger problem.
Some examples just in the second half of this year include the Moveit attack on Dublin Airport and the NHS cyber attack that targeted two ambulance services both in July, the UK Electoral Commission cyber attack in August and the ransomware attack on the US branch of one of China’s largest. banks last week.
Toby Lewis is global head of threat analysis at UK cyber security firm Darktrace. In an in-depth interview with SiliconRepublic.com, he said there is a “crossroads” of increased use of technology, especially by companies looking to deliver better services to people, and the need to keep sensitive data secure.
“One of the challenges we have with the Internet of Things is that they’re inherently difficult to secure, they’re not necessarily built-in secure by default. But they’re also not something that a lot of users can just open a window on their laptop and just say ‘install security,’ that feature doesn’t exist,” he said.
“From a consumer perspective, there’s a real challenge for vendors to make sure these are secure from the start. From an attacker perspective, you have the potential of this massively distributed network of Internet-connected things that can be exploited and used for whatever you want, whether it’s to launch an attack elsewhere, or perhaps it is an entry point to a much more sensitive network.”
Get value for money
Prior to Darktrace, Lewis had also spent part of his career in the UK Government’s Cyber Security Threat Response Unit, including as Deputy Technical Director of Incident Management at the UK’s National Cyber Security Centre.
And while he said nation-state attacks are a problem that has never really gone away, a much newer and perhaps bigger trend is the growth of cybercriminals looking to take much greater advantage of the connected world.
This is particularly seen through the proliferation of ransomware attacks, particularly in schools in the US and the attack on the Colonial pipeline in 2020. “What it shows is that you actually have a criminal attacker who has the ability to bring down some really significant disruption on a really broad community. And they can do it and then say, ‘we’ll do it again, if you don’t pay us some money,'” he said.
“(Ransomware is) here to stay, it’s not going anywhere. As long as it’s profitable, as long as the attacker can make money from it, they’re just going to keep doing it.”
“If an organization has a bad day, from a cybersecurity perspective, that’s good”
Not only is ransomware here to stay, but the future is likely to see the growth of a franchise model of cyber attacks – ransomware-as-a-service. This allows cybercriminals to change tactics that will increase their return on investment while lowering their own costs.
And then from the company’s perspective, when major cyber breaches happen, they often make headlines. Thousands of customers having their data compromised is never good news for an organization. But Lewis warned that these headlines are usually the end result of “a long process that organizations go through every day”. Comparing it to goalkeepers in football, he said they are often better remembered for the goals they conceded rather than the ones they saved.
Crypto, blockchain and more: Insights from Coinbase Daniel Seifert
Read more “
“I think in reality organizations spend a lot of time and effort to hopefully prevent them from ever getting there. If an organization has a bad day, from a cybersecurity perspective, that’s good.”
Generative AI’s impact on security
In addition to headline-grabbing cyberattacks, generative AI has also made strong waves in the media especially in the past year. Amidst the explosion of major language models such as ChatGPT and Bard, many have flagged concerns about what this emerging technology will do for cybercriminals and how it could increase our vulnerability to attack.
Lewis said the biggest concern he sees is the advances in social engineering it could create — a tactic well known and used in the cybercrime world. “The area that we’re most focused on is around, how can generative AI be used to exploit the human? How could generative AI be used to create something so compelling that the most security conscious user would still fall for it, would still click the link or choose the attachment?”
With this effect in mind, he added, the response to social engineering attacks has often been about increasing security education for users — usually by teaching them not to click on suspicious links. But it puts a lot of the burden on the end user who often has to click on links or download attachments.
“I think we have to realize that we can no longer just put all our eggs in one basket and say ‘it’s up to you users, don’t click on things’, we have to make the environment safe enough around that so when they click on something shouldn’t it be the worst day in the world.”
A biometric future?
While advances in technology make it possible to create more metaphorical windows for cybercriminals to break into while giving them better tools to use against us, hope is not lost for us when it comes to security.
There is a common phrase in cybersecurity where many tools and technologies can be double-edged swords. What works as good protection can also be turned around and used as a weapon. But one area Lewis feels optimistic about is the field of biometrics, which he said serves as “a really powerful way to genuinely improve security,” especially when set up the right way.
“I’ve always been a proponent of multi-factor authentication, whether it’s biometrics or something. I also think convenience, my head is full of stuff, I’m useless at remembering my own phone number let alone someone else’s so actually another password is not very useful for me. So if I can use biometrics, whether it’s a fingerprint or a thumbprint or Face ID, it just makes my life easier.”
A concern around biometrics is usually about privacy – especially when it comes to storing personally identifiable data because you can’t get much more personal than a fingerprint or Face ID. Lewis said the onus is largely on the providers who implement facial recognition or other biometrics, but that while users may have concerns, transparency and consent around how their data is used will help them feel safer.
“I can tell you now that the security companies and the security settings probably protect the information a lot more than the privacy settings on social media,” he said. “I think there has to be a natural threshold between the safety benefits and the convenience.”
You can hear more from Toby Lewis in the first episode of Future Human: The Series, where we explore the future of cyber security in more detail with other cyber security leaders.
10 things you need to know straight to your inbox every weekday. sign up for Daily cardSilicon Republic’s roundup of important sci-tech news.
#biometrics #internet #shape #future #security