At the frontline: The cyber threat is becoming ever more subtle

 
Philip Salter

On any given day, typing the words “cyber attack” into Google News will give you a fresh medley of hacking stories. Hollywood and Edward Snowden may have romanticised the perpetrators of these crimes, but behind most of the headlines sit one or more business owners who are the victims of these devastating breaches.

Darktrace and its 330-odd employees are on the frontline of the fight against the growing menace, employing machine learning techniques based on the biological principles of the human immune system to try to combat cyber threats. Founded three years ago by a group of mathematicians from the University of Cambridge, it is now valued at $500m and backed by former Autonomy entrepreneur Mike Lynch.

At a recent Leap 100 breakfast, one of the company’s co-founders, Emily Orton, gave a detailed overview of the threat landscape to a room full of entrepreneurs, in the process scaring the bejesus out of a fair few of them. Orton is responsible for worldwide marketing for Darktrace, having previously worked at Autonomy and Invoke Capital.


According to Orton, “most of us think about big hacks – for example, TalkTalk and Anonymous – but while that gets a lot of the media attention, the direction we are seeing it going in is far more challenging.”

“The most concerning threats that we are seeing are not necessarily targeting your data to take it out of the organisation,” says Orton. “We are seeing a move to much more subtle, stealthy threats that are much better at blending into the network and noise of your day-to-day business. They might want to get insights that they can then feed back into the market.” Darktrace has uncovered some long-term presences that have been hanging around in a company’s network for many months.



A growing threat comes from trust attacks, which aim not to take data but to undermine the reputation of the company. “Imagine you’re a healthcare company with a lot of patient data. The idea that someone could change even subsectors of that data is far more concerning than a bread and butter data breach, because it could destroy the integrity of the data.”

Entrepreneurs are also increasingly faced with ransomware attacks, which block access to a computer system until a sum of money is paid. “We had a small charity in California that got hit by a ransomware attack,” says Orton. “You might think: why would anyone want to hack a small Catholic charity in Santa Clara? Well, they are a really easy target. People go after the low hanging fruit before they do the more sophisticated stuff.”

And then there is the growing exposure through the internet of things. “The fact that we can connect everyday objects to the network is an absolute nightmare for security,” explains Orton. Darktrace spotted some abnormal behaviour at an insurance company. “It was an IP address that we didn’t recognise and a lot of data was leaving through the device. We investigated and found that the compromise was with the new air conditioning.”


US retailer Target Corporation was hacked through network credentials stolen via the refrigeration subcontractor. This supply chain risk is something Orton expects will catch the attention of UK and EU regulators – we have already seen New York start to regulate third-party suppliers.

Finally, there is that ever-present insider threat, which isn’t always malicious. “We were working with a games company in the UK”, says Orton. Their intellectual property is very important to them because they have groups in China ripping off their games. The company launched a new game but there was a localised version within two days – something that would have taken developers at least six months to copy.

“We found there was a user who was regularly sending out source code back to his personal email account on Friday,” explains Orton. “He loves developing, so he wanted to do it on the weekend with a beer in his hand and the TV on.”

You can’t talk, write or work around cyber security without appearing pessimistic. Darktrace and the wider industry are growing on the back of real and present dangers, which are forcing governments to act. But Orton is at pains to strike a tone of optimism and is “very encouraged to see the government investing in this area”. This isn’t something that government can do on its own, though. The private sector is going to have to do much of the heavy lifting.
