
Cybersecurity Requires a Great Offense…

Written By

Sean Goldstein

The adage “The best defense is a good offense” was first said by George Washington in 1799: “…offensive operations, oftentimes, is the surest, means of defense.” In the midst of the current cybersecurity crisis, it may appear that defense is the best choice—intrusion detection systems and penetration tests are all good, but in and of themselves they may not be your best or only choices. Crises often present opportunities, and businesses and individuals can benefit from both clear analysis and reasonable offensive planning.
 
Analyze the Macro Environment – Cyber Crimes
 
As best as statistics tell us, ransomware is rampant, phishing attacks are a way of life, and data breaches, denial of service (DoS) attacks, and companies being shut down are common news. We know it can get, and has gotten, much worse, with nuclear centrifuges being destroyed, aircraft and auto navigation systems being compromised, pacemaker settings being modified, blood labs being stolen, and the list goes on. What do most hackers want? Data that can be monetized or that provides some type of competitive advantage. What we have experienced thus far is just the beginning. Until systems and networks can be fully secured, which is estimated to be ten to fifteen years off, only those that act smarter will have reasonable protections.
 
From an offensive positioning standpoint, hunkering down and waiting is not the answer. Just look at a few of the data frauds (identity thefts) that are regularly and consistently perpetrated in the United States:
 
•    IRS – personal information (PII) and money; 
•    Social Security – personal information (PII) and money; 
•    Medicare – personal information (PII), protected health information (PHI) and money; 
•    Credit reporting agencies – personal information (PII) which allows further data breaches along with payment card industry (PCI) requirements; and 
•    Banking – personal information (PII) and money. 
 
If we agree that these are some of the most significant and exposed areas of our economy, then why are we not doing more to protect ourselves and our businesses?    
 
Begin Some Offensive Planning – Cybersecurity
 
Government Sites – IRS, Social Security, and Medicare 
 
The IRS, Social Security, and Medicare have created online environments so that you can view information regarding your profile, related activities, and payments. These accounts can provide helpful tools to individuals such as tax, retirement, and healthcare planning. One reason to sign up for these accounts is to protect yourself as the data stored in these environments is extremely valuable to cybercriminals. Through these sites, one can see personal data, health information, and at times initiate payment methods. 

Corporate – Credit Reporting Agencies, Banking 

The credit reporting agencies, as well as banking institutions, have created online environments so that you can view information regarding your profile, conduct transactions, and make related payments. These accounts can provide helpful tools to individuals such as financial modeling, account management, and payment transactions. It is also prudent to sign up for these accounts to protect yourself, as the data stored in these environments is again extremely valuable to cybercriminals. Through these sites, one can see personal data, lists of your assets, and payment methods.

Other – Social Media & Email

Instagram, Facebook, TikTok, Gmail, and the like have created “open” online environments so that you can communicate and share information. These accounts have become a way of life and provide helpful tools to individuals such as email, posting, chatting, and other ways of connecting. If you use these sites, use them with caution. False posts, fake pictures, and giving up too much information about your location or vacations are a few of the concerns that arise from these systems. These sites allow authorized and unauthorized readers access to anything you show, say, post, or repost.

Here is What You Should Do – The “Offensive” Plan
 
Regardless of whether it is a government, business institution, or social media site, make sure to initiate dual-factor authentication (DFA) and monitor regularly. DFA, also known as multi-factor authentication (MFA), will notify you every time someone tries to log into your system. It is best that you set this up before some bad actor does. Log on at least once a month and look for wrong addresses, payments, or other information that is not yours. Take an offensive position and notify the government agency as soon as you see any possible malfeasance.

Regular system updates, weekly patching, and tabletop exercises are other methods to improve your security posture. How often do you debrief with your Security Operations Center (SOC) to better understand your risks? Has your organization reviewed the offensive actions it can take and made these activities a part of its cyber game plan?

Summary

When it comes to cybersecurity, be diligent, take an offensive position to complement your defensive planning, and become your own best advocate. Businesses sometimes contract Security Operations Centers (SOCs) to address their defensive security posture. But nobody knows better than you if your security has been compromised, and these self-directed safeguards are the best that are available at this time.

About Capsicum:

Capsicum was founded in 2000 within the law firm of Pepper Hamilton, LLP (now Troutman Pepper Hamilton Sanders LLP). Charged with providing technology consulting support to the firm's clients, we soon realized that the need to understand, collect, and forensically analyze digital data went far beyond what we were handling. We began our journey as general technologists, but quickly became specialists in digital forensics. Our areas of expertise soon evolved and expanded into forensic investigations, cybersecurity, discovery, electronic and paper recovery, security, regulatory compliance, and incident response retainers. In 2002, Capsicum became an independent consulting company that focuses on these core services. Employing high-caliber experts and a unique understanding of data, technology, and the law, we support organizations that need technological proficiency to run their companies and when they come face-to-face with difficult tech, legal, and regulatory situations. Capsicum is headquartered in Philadelphia, PA, with offices in New York, Florida, Texas, and California.