Would you Rob the Boston Mercantile Bank?
Some may have already guessed what this blog post is about. The Boston Mercantile Bank is a fictional bank which was robbed by Steve McQueen's character in the original version of "The Thomas Crown Affair." Thomas Crown robbed the Mercantile not because he needed the money - he did it because he was generally bored. Back then in 1968, to rob a bank you needed bagmen and a wheelman. But our modern bagmen have different reasons, and sometimes, if not more often, different objectives.
201X is becoming the decade of hacktivism. We are repeatedly seeing records set and broken for the number and size of attacks. Growth has been exponential, in step with global political and financial discord. Moreover, given the current efficiency of hacktivist attacks - such as the WikiLeaks revenge attacks (December 2010), the South Korea DDoS attacks (March 2011), Operation Megaupload (January 2012) and the now more-than-year-long, multi-vulnerability and multi-vector Operation Ababil - we believe this will only encourage even more actors to enter the picture and spawn a vicious cycle of future malicious activity.
However, the main reasons for hacks and attacks are still very much personal gain and often notoriety, be it individuals or organized crime. But as the summit between the U.S. and China made clear this past June, there is an increasing awareness of state-sponsored hacking.
Let's stick with Boston for the moment, where you would find offices for Goldman Sachs. Their office sits atop Interstate 93. I-93 is critical to local traffic, even - as its name suggests - to interstate traffic, but some could argue that Goldman Sachs is critical infrastructure to the U.S., if not the global economy. The free flow of capital is fundamental to our globalized economy, but facilitating it means balancing the competing requirements of openness and security. Money is exchanged through what is essentially an API - Mr. Crown's moment of opportunity, the mass money transfer, rarely occurs. Enterprises do, however, still spend an inordinate amount of money on firewalls, IPS and other perimeter security. But today's Thomas Crown is more than likely a "bored," disenfranchised individual who has the tools and know-how to reduce the Gbit connectivity of the parochial Shawmut Bank to a dial-up connection. This type of person can instill fear and uncertainty in the bank's deposit holders, as they are unable to view their account balances, make everyday payments or execute cash transfers.
The 21st century runs on immediacy; it demands it and is most fearful when it's not available. Immediacy is as much a currency as the dollar and, in many circles, is considered more valuable. Up until now, I have barely even mentioned DDoS, which is one of today's greatest threats to the finance sector's value and reputation. I mention this because DDoS is changing, and quickly. We are seeing more and more application-aware DDoS attacks and, more recently, a surge in SSL-based attacks.
Today's Mr. Crown is not just putting glue in the bank's locks. He has entered a whole different ball game. Now, the motives are similar but the results differ: $2.6 million in insurable losses versus reputation and lost transaction revenue. Think you can put a dollar amount on customer dissatisfaction, angry support calls or even customer attrition? Any company that falls prey to a DDoS attack tends to become the poster child of "what not to do," and the ensuing fallout can typically include a "refresh" of the IT team that allowed the disruption, as well as time and money spent to regain the trust of the public.
Garside is currently a Product Manager for Radware, supporting and furthering the Radware Security Portfolio. Garside has nearly 20 years of experience in security development, management and implementation. His previous roles include Product Manager for CRYPTOcard, Computer Associates, Eircom and Syphan Technologies. Garside has also managed security solutions in the SME sector, delivering perimeter security, IDS, FW and Point2Point VPNs, before expanding the business to offer remote support, hosted applications and mobility services.