The Strongroom

Lessons from Mafiaboy, HP’s ex-hacker in residence

1st May 2018


Written by Michael Russell

Since HP split from Hewlett Packard Enterprise in 2015, it's begun focusing on becoming an industry leader in security. It signalled just how seriously it’s taking its new mission by establishing a new Security Advisory Board late last year.

Former New Zealand Government Communications Security Bureau (GCSB) engineer, Justine Bone, is one of the three security experts on the board. She’s joined by cybersecurity consultant Robert Masse, and former hacker Michael Calce, also known as “Mafiaboy”.

I had the opportunity to hear from Michael at the second ‘HP Evolution’ conference in Melbourne this month. He has a fascinating story, having gone from one of the most recognised hackers in the world, bringing down the CNN, eBay and Dell websites at the age of 15 and creating 1.6 billion in losses for these organisations, to reforming and working for the likes of HP to create awareness around cybersecurity.

Michael shared some personal anecdotes as well as his views on what businesses need to do to rise to the challenge of cybercrime. Here are a few of the key takeouts:

Hackers are growing in number and sophistication...

One of Michael’s most eye-opening stories involved a Saudi oil business that produces ten percent of the world’s oil. They fell victim to a cyber attack that rendered 35,000 endpoints useless, cost the business tens of millions of dollars and took a full month to rectify. The attack started with a single machine being breached on a train, using an ‘evil twin’ attack method. The hacker drove beside the moving train and managed to get access to the user’s device, kicking them off their Wi-Fi session and getting them to access the net through the hacker’s device. Yes, it sounds like a James Bond movie, but it was apparently easy to do and showed just how exposed we all are as mobile end users.

It’s much easier to become a hacker than it was in Michael’s day. Anyone can pay $50 for instant access to thousands of hacking tools. And with cybercrime rewarding hackers to the tune of $1 trillion last year, there’s every incentive for unscrupulous people to try it out.

...but the old methods are still effective

Despite the mind-boggling variety of new hacking methods available, phishing is still one of the most successful. The popularity of this fifteen-year-old attack vector shows we are simply not evolving fast enough, and that employees are still the biggest weakness in most firms’ defences. Michael identifies end user education, along with endpoint device protection, as two critical pillars of cybersecurity.

The IoT is the new frontier of cybercrime

With over 20 billion internet-connected devices in operation today, such as baby monitors, pacemakers, gaming consoles and fridges, the IoT is the new cybercrime frontier. The mindset has changed for hackers; everyone is now a target with a dollar sign over their head. One frightening example Michael gave was of an ex-colleague taking control of 5,000 pacemakers, which he could have turned off had he decided to.

Cybercrime is possibly the biggest threat facing businesses today…

Businesses are tipped to lose an annual $6 trillion to cybercrime by 2020. In the US, the average cost of a major breach against an enterprise business is estimated at $8.5 million. Michael’s view is that a serious breach would make most small to medium sized businesses fall over.

...and the threat extends to governments in every corner of the world

Michael and his peers are incredibly worried about the rise of cyberterrorism and nation state-sponsored hacking. He’s been into buildings full of hackers ready to launch attacks and steal information from other countries. It’s a concern that’s shared by many thinkers on this topic; Warren Buffett is on record as saying last year that he believes cyberterrorism is currently the number one threat to humankind.

HP is investing heavily in products designed to combat evolving security threats

HP has identified BIOS-level attacks as an increasing risk, and has launched a product, Sure Start, that provides hardware-enforced self-healing protection and recovery of the BIOS. HP Sure Run keeps critical applications and processes running even if malware tries to shut them down, and HP Sure Recover restores PCs to the latest image using a network connection. HP printers are unique in that they now have run-time intrusion detection capabilities.

The bottom line?

Businesses need to start thinking of cybersecurity as a top business priority. Security should be a constantly-evolving stack, with embedded security at the device level; continuous, real-time detection and response; and ongoing security consulting and guidance.

Origin Security has the people, processes and technology to keep your business safe from evolving security threats. For more information, get in touch with one of our security experts today.

Michael Russell


Mike brings his wealth of experience from his unique position as the founder of Origin, along with his client and industry relationships and passion for the company, to work every day. His key responsibilities are to ensure that clients have a great experience, that the business is commercially sound and that Origin has the kind of culture that attracts and retains talented people.
