Black Hat Asia: In the era of 'trust attacks', what can we trust now?

News by Jaya Prakash

Cyber-attacks, phishing and malware is creating a culture of mistrust, according to a speaker from Darktrace at Black Hat Asia. Nothing can be trusted nor wished away.

A new cyber-threat has emerged and it promises to wreak more than just plain havoc. It is no longer about stealing data and the traditional hacking of websites.

The new threat, dubbed ‘trust attacks', is about changing – not stealing – the data of banks and other commercial enterprises such that these companies are made to look considerably poorer by the loss of such data.

In the process what these hacktivists want, or unwittingly want, is to cause mistrust between clients and businesses, triggering a wholesale collapse in their business relationships.

That is not all. Depending on the extent and gravity of damage to data, the resulting effects can cause “long-term reputational impact to individuals or groups, by eroding trust in the data itself,” said Sanjay Aurora, managing director Asia Pacific, Darktrace.

Trust attacks, Aurora stressed, make it harder than ever to separate real information from falsehood. That can be potentially damaging to hospitals and healthcare institutions because the malicious altering of data could result in mind-blowing consequences such as the horrendous administration of the wrong kind of medication and therapeutic care.

The manner such attacks can happen is cause for concern. They make government officials, corporate executives, investors and even the general public sit up, shift in their seats and take notice because the data they previously took at face value is no longer trustworthy.

According to the Harvard Business Review, 85 percent of industry leaders believe trust and reputation are the single largest cyber-threat to their businesses, Aurora said.

The attacks are carried out by the use of malicious algorithms that can mimic the behaviour of legitimate software. In no time they change enough of the code in real-time to deceive protective programs designed to keep the malware out.

“Clearly the battle has moved beyond the capabilities of humans or legacy security tools to monitor and detect. Unless these attacks are detected and prevented at a nascent stage they can easily undermine organisational reputation,” warned Aurora.

Those warnings were just the reminder the world received when British cabinet minister Ben Gummer was quoted in the UK's Independent newspaper saying that ‘large quantities of sensitive data', in the National Health Service and wider government, is being targeted by hackers.

Nothing should be left to chance and the world is far from the hunky-dory state many would have wished it to be, Aurora said.

If Gummer's warnings are to be taken at face value, the new wave of trust attacks show that cyber-criminals are good at adapting to new market opportunities and according to Aurora, “There are a multitude of weapons at their disposal.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews