Phone in the right hand? You're a hacker!

Thursday - 23/08/2018 08:37
Hackers are finding it too easy to circumvent traditional cyber defences, forcing businesses to rethink their security strategies. Many firms are now harnessing big data and adopting cutting edge verification checks.
Phone in the right hand You're a hacker
Phone in the right hand You're a hacker
In fact, some can even identify you by how quickly you type your computer keys, or how you hold your mobile phone.
 
In these days of regular space travel, nanotechnology and quantum computers it is easy to believe we live in an age plucked from the pages of a science-fiction novel.
 
But there are some aspects of this shiny, computer-powered era that look more feudal than futuristic.
 
Consider the way many organisations protect themselves and their staff from cyber-attacks.
 
The high walls, moat and drawbridge are the security tools, anti-virus and firewalls they use to repel the barbarians at the gates trying to breach their cyber defences.
 
But now, that castle metaphor is really starting to break down.
 
Outer defences
 
The first issue is mobility. Digital fortifications worked well when all staff sat at desks, used desktop computers and were concentrated in a few buildings.
 
But now many work from home, airports or coffee shops and use their laptops, tablets and phones on the go, to work at all times of day.
 
Typically once attackers have penetrated a trusted network they find it is easy to move laterally and easy to get to the crown jewels.
 
That's because all the defences point outward. Once on the inside there is usually little to stop attackers going where they want to.
 
Tumbling walls
 
In a bid to get beyond this outdated thinking many organisations have torn down the old castle walls in favour of a model known as the "Beyond Corp" approach.
 
Assumes every device or person trying to connect to a network is hostile until they are proven otherwise.
 
And it obtains this proof by analysing external devices, how they are being used and what information they are submitting.
 
This encompasses obvious stuff such as login names and passwords, as well as where someone logs in from; but it also relies on far more subtle indicators.
 
It can be how quickly do you type the keys, are you holding the device in your right or left hand. How an individual uses a device acts as a second layer of identity and a different kind of fingerprint.
 
Gathering, storing and analysing all that data on those individual quirks of usage was the type of big data problem only a tech-savvy company such.
 
However, as familiarity with big data sets has spread, many more big firms are adopting the Beyond Corp approach when organising their digital defences, he says.
 
One big advantage is that Beyond Corp turns a firm's network into an active element of defence.
 
In the castle and moat approach the network was passive... But beyond Corp involves continuous monitoring where you are constantly using the network as a sensor or a way to get telemetry about what's going on.
 
The analysis done when users join a network makes it much easier to spot when attackers are trying to get access. That's because the authentication step will flag any anomalies meaning security staff will find out quickly that something suspicious is going on. Anything other than normal login behaviour will stand out.
 
Faster detection
 
It can also mean a "significant reduction" in time to detect threats.
 
The industry average is about 100 days to spot threats. With Beyond Corp you should be down to hours not days.
 
In addition, Beyond Corp can "limit the blast radius" if a breach does happen.
 
This is because it usually involves dividing up a company's internal network so users only get access to applications they are approved to use.
 
The mass of data gathered on users, their devices and the way they act once they have connected may appear bewildering to many companies.
 
However, advances in automation are increasingly helping them keep a handle on the millions of events that now occur on their systems.
 
If you are expecting to secure your estate by having humans watch TV screens you are probably going to be too late to spot it. Human reactions are always going to be much slower than automation.

Total notes of this article: 0 in 0 rating

Click on stars to rate this article

  Reader Comments

Security Code   
online
  • Sales

    Sales Manager

    +(84)982 55 66 97

    info@wasit.com.vn

    Sales 01

    +(84)923.886.191

    sales@wasit.com.vn

    Sales 02

    +(84)19002217

    sales01@wasit.com.vn

  • Technical

    Error handling

    +(84)19002217

    support@wasit.com.vn

    Consultant

    +(84)19002217

    kythuat@wasit.com.vn

    Implementation

    +(84)19002217

    kythuat@wasit.com.vn

Couter
  • Online11
  • Today2,398
  • This month279,505
  • Total5,069,498
You did not use the site, Click here to remain logged. Timeout: 60 second