With 34 million samples of malware detected last year, hackers are working overtime with creating nearly 47,000 new malicious code every day, which is causing a “heavy progression of issues“ growing at an alarming rate, said Dave DeWalt, CEO and president of McAfee, at the McAfee Public Sector Summit held yesterday morning in Washington, D.C.
Delivering his keynote speech to a crowded room of industry insiders and members of the press, DeWalt spoke about the daunting velocity at which malicious code is being developed and how the number of breaches has climbed exponentially during the past years.
“We’ll see 21,000 new malware by the end of this event,” the McAfee executive said, referring to his 40-minute presentation. “The volume and the sophistication of malware are exponential.”
Speaking about the disconcerting issue of an ever-expanding threat landscape, DeWalt brought the audience back to last year's highly publicized cyber attacks on major businesses and government agencies. Calling Operation Aurora the largest attack on commercial critical infrastructure, DeWalt spoke about how 150 companies, including Google, Adobe and Juniper, were targeted with a zero-day attack that exploited Internet Explorer vulnerabilities to gain access to computer systems. The exploit downloaded and activated malware within the systems in an attempt to steal intellectual property, critical company data and source code, and sought further systems vulnerabilities. According to Dewalt, 64 percent of the hacked companies said the attack had affected their operations in a major way.
Although highly coordinated and sophisticated, the cyber heist was done very sloppily, DeWalt later told reporters at a Q&A session. Comparing the incident to a crime scene, DeWalt said the way a careless perpetrator leaves fingerprints and DNA behind, the Aurora hackers did the same thing–only their forensic evidence was malware left on servers.
While most people see personal computers as the most common target for hackers, DeWalt listed other technologies vulnerable from a security standpoint, including USB drives, cellphones, servers, ATMs, avionics, medical devices, and cars with computer systems that be easily penetrated. Often forgotten when security measures are implemented at an enterprise, DeWalt said the printer with its ability to store vast data and its imagine-capturing capabilities is the most dangerous device to fall into the wrong hands.
DeWalt discussed which precautions businesses can take to protect themselves, including ensuring all endpoints are GTI enabled, employing whitelisting technology to protect servers, securing perimeters with a firewall that uses GTI, intrusion prevention system and anomaly detection, and turning on DLP at endpoints and perimeters.
But even with the most advanced security technologies in place, the human element is always a risk. Individual hackers, cyber-crime gangs, disgruntled former employees who are able to access systems long after being pink-slipped, and insiders who come to work in a company with bad intentions all form a precarious, human component.
With recent discussions about the United States' engagement in a cyber warfare and claims from former Director of National Intelligence Mike McConnell that the nation has fallen behind others in cybersecurity, DeWalt offered a different perspective, saying while there is no global law and “no world entities acting together,” there has been movement forward in establishing a more secure realm. What everyone needs to do, DeWalt said, is to figure out “how do we come together” as public and private sectors.
As for United States being involved in a cyber warfare, DeWalt said recently more than 20 nations have armed themselves with offensive cyber capabilities, “a number that’s gone from zero from two years ago,” he added. Instead of just protecting themselves against cyber attacks, countries are now in a “state of readiness… a Cold War environment … and that’s certainly scary,” DeWalt told reporters.