The cyber security firm Nuix compiled a recent report, ironically called the Black Report, based on interviews with active so-called “White Hat” hackers. White Hat is used here in the context of someone that’s doing ethical work at the invitation of their client to break into a network and then show how they did it (and return the data).
This makes them different from “Black Hats” because those people are willing to bend or break some rules (and laws) for a wide variety of reasons. Those reasons can include political, monetary, internet gangsta cred, or just trolling for lulz. The report has been created by Nuix as a warning to help communicate this concept:
“…the business needs to understand: This is not a game, the threat is real, and we either take preventative measures now or (much more difficult and expensive) reactive measures later.”
It’s essentially a re-statement of the age-old sentiment, pay me now or pay me (much more) later. Not to be too alarmist here, but clearly attacks are increasing and happening everywhere. No data is completely safe.
Some of the key numbers from these interviews:
- 81% of the hackers said they could attack your network and escape with your data within a 12-hour period.
- 50% of them used a different technique for every attack.
- 84% use social engineering-get the target to help with the attack.
- 69% say they are almost never caught by the existing security team.
Nuix conducted these interviews during the Black Hat USA and DEFCON 24 conference last year. One individual was quoted:
“The only difference between me and a terrorist is a piece of paper [a statement of work] making what I do legal. The attacks, the tools, the methodology; it’s all the same. Besides … I’m far too pretty to be in jail.”
A Unique Perspective
Rather than reporting just on what was taking place, the research gave Nuix (and us) hard data on how it was happening. The authors discovered which countermeasures were effective and which were useless. Some of the effective defensive practices that are thought to be totally arbitrary instead have a tremendous impact. This point of view isn’t based on official opinions, but on what the hackers said first hand – how they actually do their work. As the report states, “perception and reality are in desperate need of realignment.”
Phishing is overwhelmingly the most common attack vector because its’ so easy to do. The attacker can send thousands of automated phishing emails and wait for people to open them. Just one carefree person clicking on a link or opening an attachment can provide the hackers with the access they need to get in.
The lead author on the report is Chris Pogue — Chief Information Security Officer, of Nuix. They provide “answers for investigation, cybersecurity incident response, insider threats, litigation, regulation, privacy, risk management, and other essential challenges,” per the About section of the Nuix website.
Chris is their Chief Information Security Officer and head of the Cyber Threat Analysis Team. He’s responsible for Nuix’s internal cybersecurity measures and manages the company’s security services organization. The report is available on the Nuix website at: