Cyber Criminals have adapted their tactics

car theft like data theft

A few weeks ago, my car was stolen from outside of our house. The theft happened in the middle of the night and the thieves used a cloned key to open the car and simply drive away. None of my neighbours saw or heard anything and my dogs who usually bark at the sound of a pin dropping were quiet throughout the theft.

A few years back I was unlucky enough to have another car stolen but in different circumstances. Thieves broke into my house whilst I was sleeping. I disturbed them and there was an ugly confrontation but they managed to get away with my car. I then installed a burglar alarm, CCTV cameras and other preventative actions to stop or deter people getting into the house or car. None of those measures around protecting the perimeter of my property had worked this time as the criminals had changed tactic and found an easier way in, by cloning the details of my car keys and simply driving off without any hassle.

Criminals are the same in any sense

Working in the IT security arena I instantly drew some parallels with how cyber criminals are now acting to steal information. Most IT teams have invested heavily on securing their perimeter under the illusion that if we can deter or prevent the bad guys from getting in then they can’t steal anything. But, just like in the real world, the cyber criminals have adapted and now often they simply use compromised staff login credentials to gain access to company IT systems and then take their time to scour the network for information to steal. Just like the security systems I had put in place to detect a burglar, once they were in, no one knew they were there or what they were doing. Their job was easy and the risk of detection was low because often there are no systems to alert and alarm once someone is in.

Cyber CriminalWhen I discovered my car had been stolen and being a former police officer, I went straight into detective mode. I started to investigate what had happened to my car and to see if I could get it back. I managed to find evidence around the car as well as CCTV footage which traced their movements after the theft which I immediately informed the police about. Despite there being forensic evidence and CCTV footage the police did not have the resources to investigate the theft despite it being a high value vehicle and possibly part of a string of local car thefts.

Lack of IT Resource to protect against threats

This is the same situation as most organisations that we deal with. Speaking to IT teams daily I constantly hear how they are struggling to detect, and more importantly respond to, IT security breaches and threats. Like the police service, IT teams are having to deal with more and more incidents but often with no more resource, in fact often with less. They are stretched as it is and often lack the skills to investigate security breaches. It requires proper detective work and forensic investigation to appropriately deal with a cyber breach and it needs a fully equipped team to prevent the security incident from happening in the first place. That team also needs the right tools to detect threats as they are happening and stopping them in their tracks before they cause any damage.

What should you look for to help protect you?

When I was considering buying my replacement car, I looked at manufacturers who have taken measures to prevent keys from being cloned. Knowing that is still not enough as I have read of criminals smashing windows and then plugging a laptop into the cars on board computers and driving it off, I also looked at cars that have systems in place to alert me when the alarm is going off or if there is suspicious behaviour. I wanted a car that allows me to track its movements and where that tracker cannot be removed or disabled by thieves. I am basically looking for a car that doesn’t just protect the perimeter but also detects and alerts to suspicious behaviour.

I now have that car and have confidence that if someone tries to steal this one then I have a good chance of knowing about it wherever I am and being able to track and recover it if required. I also have the manufacturers team monitoring the cars systems and available if I need assistance in investigating its theft and being able to recover it.

In the IT world, I am surprised at how few companies have invested in similar systems and services to proactively detect, alarm and respond to cyber threats. The perimeter is no longer secure and people will find ways of getting in. The key now for IT teams is to reduce the time it takes you to detect and then respond to a security threat.

I work with a bunch of very clever people who provide just that service. To see how my colleagues can help your business, contact us today.