There’s a book called The Black Swan, written by Nassim Taleb, that outlines what he calls “black swan events” and how to prepare for the unexpected. He describes a “black swan event” as an event that’s unprecedented, unpredictable, and with far-reaching impacts. COVID-19 meets all of those criteria easily.
I recently had the pleasure of sitting down with former RSA Chairman Art Coviello to discuss the impact of COVID-19 on cybersecurity teams. It was a humbling conversation. The business impacts of this pandemic aren’t isolated to any one corner of the marketplace - it is affecting all industries in some way (and some more than others, as we’re seeing with the travel/leisure sector). I’ve summarized our conversation on what security leaders should be thinking about during this black swan event.
Fraudsters are Chaotic Evil
Unlike during the 1918 flu pandemic, workers today are fortunate to have the internet and new technology that has allowed businesses to still operate and people to still connect. Our economy can continue. However, with this technology comes exposure to a new form of chaos that society in the 1910s didn’t need to think about. Bad actors see this moment as an opportunity to wreak havoc. While the world is dealing with this crisis, fraudsters see dollar signs amid the chaos.
At White Ops, we have seen attacks on humans’ accounts increase because there’s been a surge in e-commerce with the implementation of stay-at-home orders. Account takeovers have become the name of the game: Bad actors will use millions of sophisticated bots to enable credential stuffing or credential cracking attacks to gain access to accounts and steal personal information, such as bank and credit card information. Because there’s been such a surge in e-commerce, sophisticated bots’ operators think they can hide among the noise.
Art shared a poignant story about a small restaurateur in New Hampshire prior to COVID-19 whose systems became infected with malware. As they dug into the issue, it was discovered that this was happening to restaurants across the state. Sophisticated bots planted malware in their systems in order to gain the credentials and use those credentials to make some money for themselves. Whether a business is big or small, without proper bot mitigation, they are susceptible to sophisticated bot attacks, especially now. Threats have only exacerbated since the beginning of this pandemic.
Another book Taleb wrote that Art mentioned was Antifragile, which dives into the idea of not just withstanding difficult times, but becoming better from it. It goes beyond resilience from the knowns, it’s being able to come out the other side of unknowns. Art likened this to cybersecurity: to get through both the known and unknown threats out there, you must have a full bot mitigation plan that shows a comprehensive view of cyberthreats. Traditionally, professionals have focused on the fraud event which is considered the “end” of a cybercrime given the crimes that had to happen to get to that point. For example, someone noticed that there was a new login on their bank account and there was money missing. The fraudster who did this achieved their end: they made money. Prior to signing into that bank account, the fraudster had to acquire real credentials and figure out a way to login that wouldn’t trip a notification to the victim. One of the ways a cybercriminal could do this is by purchasing an anti-detection browser package that includes stolen credentials (usually from a data breach) and a customizable browser. A string of fraud and cybercrimes had to happen in order for that one fraudster to log into that bank account. To have a global view of cybercrime, there needs to be a strong threat intelligence power and real time detection capabilities. This is why Art invested in White Ops and our technology in 2015. We are built on the belief that by looking at the whole fraud journey, rather than the one event, we can fight against the unknowns and win.
Changing the Game
It is not enough to just detect bots and respond afterward. With enterprises in financially precarious situations, the last thing they can afford is to lose more money to fraud. If we want to have a real shot at fighting back, and even more importantly win the war against fraudsters, we have to change the game board itself. We have to change the economics of cybercrime in our favor by making it more expensive for our adversaries to commit the crime than it is for us to implement defenses.
To do this, we believe in a comprehensive approach with an emphasis on collective protection. That way we won’t just find sophisticated bots, but we’ll stop them in their tracks. What often goes unnoticed is that it’s the same fraudster that’s hacking into bank accounts on one end of the internet and making fraudulent purchases on the other end. All fraud use cases are made up of black hat hackers and human victims. By protecting the entire internet together in a privacy-sensitive way, rather than protecting in smaller silos, we can stay ahead of the bad guys.
One of White Ops’ core values that I feel is especially pertinent right now is “Create Tau.” This was the idea of my co-founder, Michael Tiffany, with the intention that when you bring together strong technology and amazing humans you can tip the scales of the universe towards good. With our scale (we verify the humanity of 5 trillion interactions a week) and our swift decision making (we can make “bot or not” decisions in 5 milliseconds or less), we are able to help all enterprises keep their accounts human especially during this crisis. It’s all here, so are you ready to put on your super suit?
Watch the webinar from which this summary came: