Data is the currency of the cyber world

Paul C Dwyer, ICTTF, mathematically describes an opportunity for Ireland (Image: Mediateam)

13 September 2016

The cyber threat landscape is increasingly characterised by organised, focused groups using proven techniques to target the new currency of the age: information.

That was the overarching theme of the 2016 Cyber Threat Summit in the Mansion House in Dublin.

In the keynote presentation, Paul C Dwyer, president of the International Cyber Threat Task Force (ICTTF), said that cyberspace has, led by the USA, been declared the fifth domain of warfare, after land, sea, air and space. But in this new domain, it is information that is the currency of choice.

Dwyer said that the most successful companies in the world today are the data brokers. The bad guys now are becoming data brokers, following exactly the same models: acquiring information and re-selling it to as many buyers as possible.

Paul C Dwyer, ICTTF, mathematically describes an opportunity for Ireland (Image: Mediateam)

Paul C Dwyer, ICTTF, mathematically describes an opportunity for Ireland (Image: Mediateam)

€2 per record
The TalkTalk example was cited, where the hacker named “Martian” had at least 400,000 record on sale on Alphabay, an allegedly Russian Mafia supported dark net exchange, for less than €2 per record. This gave the haul a potential value of around €750,000.

Dywer said the hackers mirror legitimate businesses in that they will attempt to re-sell the information in as many ways as possible, as many times as possible to maximise returns from their efforts.

Beyond this, he highlighted striking similarities between the hacking targets of certain state-sponsored, or state-associated, groups such as the Chinese Army Unit 61398, and the ambitions of certain governments. Dwyer pointed out that there was a distinct correlation between the stated economic development areas of Chinese Government five-year plans and the hacking targets of various groups.

Dywer also highlighted the effort and sophistication of the cyber endeavours of the terror group ISIS. The Cyber Caliphate, said Dwyer, “is more important as ISIS loses territory”. He added of certain service providers hosting and serving content for the group, “there is conscious collusion between some of these providers and ISIS”.

‘Unwitting agent’
Political developments in the west were also contributing to the general state of uncertainty and fear too, as Dywer cited a former director of the CIA, Michael Morrell, who has labelled Donald Trump as an “unwitting agent” of Vladimir Putin. Dwyer stated that the Republican US presidential nominee was not helping in the effort to combat cyber-crime, as “hate does not beat hate”.

Dwyer said it is somewhat ironic that thus far, the most effective measures against ISIS have been from Anonymous.

The concluding message for the information and technology industry was clear: there is no strength without unity – work together, share intelligence and disrupt the bad guys.

The theme of sharing and cooperation was elaborated upon by Chief Superintendent Garda Michael O’Sullivan, who began by saying, “There is no silver bullet for cybersecurity. A layered response is the only protection.”

Chief Superintendent O’Sullivan highlighted the areas of cooperation between the Garda Computer Crime Investigation Unit and the Centre for Cyber Crime studies in UCD, which is supported by EU Commission funding.

He detailed the close cooperation between Interpol and the Gardaí under such groups as the Joint Cybercrime Action Taskforce (J-CAT), as successes that increase the capabilities of all involved. Though he did note wryly, that such was the success of these engagements the Gardaí had lost very capable and valuable personnel to positions within Interpol.

Chief Superintendent O’Sullivan also noted that important steps had been taken to facilitate the investigation of cybercrime. He said that the European investigation order will do for evidence request what the European arrest warrant did for extradition.

Child protection was another key theme at the summit, with Grainia Long, CEO, ISPCC, enjoining the security professionals attending to make a difference individually to raise awareness and protection for child safety online.

Long cited a Vodafone survey which found that online bullying is regarded as worse than face to face bullying by more than half of school age children.

“I am more worried now that I was 12 months ago,” said Long.

“This year I am particularly worried about social media as used by criminals, adults and in some cases other children to coerce and manipulate.”

Read More:

Back to Top ↑