Cyberwar: We Are All on the Front Line

On October 16, I attended the Cyber Security Finance Forum in Washington, D.C., and received quite a wakeup call. Speakers such as Jay Cohen, US Navy Rear Admiral (retired) and former DHS under Secretary for Science & Technology, gave insights into the problems we are faced with. Admiral Cohen reminded us that “we are at war [and] for the first time everyone is on the front line.”

During the forum, we heard several stories about how in many cases small businesses and individuals were being targeted by hackers and identity thieves instead of big companies, because they are “soft targets.” One story talked about how a small industrial business in the middle of Maine was hacked. Its bank records were compromised, and its bank was tricked into wiring $25,000 to an account in Russia.

While individuals and small businesses may be the new front line in the cybersecurity war, the explosion of the cloud, tablets, smartphones, and other networked mobile electronics certainly makes us all more vulnerable.

As data and software continue their migration to the cloud, accessed by mobile devices, the possible threats are infinite. These days I think even my stapler has an IP address, a 10-megapixel video camera, and can turn itself into a WiFi hotspot. I am now suspicious of the stapler, so I powered it down and put it in the desk drawer so it will not spy on me or attempt to hack into my bank records. But jokes aside, cybersecurity of mobile electronics is starting to become a big problem — and a tremendous technology business opportunity for those that tackle it.

Typically these threats come in four main types:

  1. Fraud:
  2. Someone is trying to steal money

  3. Data theft:
  4. Someone seeks to steal data for industrial or state-sponsored espionage, or simply to embarrass the target

  5. Probing attacks:
  6. Someone seeks vulnerabilities for future bigger attacks, and performs probes without harming anything (yet)

  7. Nuisance attacks:
  8. Hackers often launch a denial-of-service attack to shut down some service or business just because they don't agree with its philosophy or politics

Clearly, there is an enormous market opportunity for enterprise software that performs tasks ranging from intrusion detection and prevention, data backup and protection, malware identification, forensics, and data recovery. But what about opportunities in the electronics software space? The trend is clear that applications and data are moving to the cloud, to be accessed by a tablet, a smartphone, or other wireless device. Often the mobile device is the weak link in the chain, leading to the most vulnerable path to corporate or personal data. And in this new era of Bring Your Own Device (BYOD), these devices are uncontrolled.

There are many opportunities in the mobile electronics market for cybersecurity solutions. As with any requirement in the electronics space, these functions may be implemented in software, hardware, or a combination of both. The trade-off is usually the flexibility of software versus offloading some key functions such as encryption to a dedicated co-processor.

Key needs include the following, with varying degrees of maturity in today's mobile platforms:

  • Data encryption and authentication: How do I know my Facebook chat conversation is not being intercepted at Starbucks? How do I know that my Yahoo email password is not being passed in clear text?
  • Payment card processing:
  • How do I make sure my credit card number is not compromised when I buy something? How do I make sure that I don't get improperly charged when using near field communication (NFC)?

  • Voice encryption:
  • How do I make sure my wireless or VoIP call is not intercepted? How does law enforcement ensure that it can be intercepted?

  • Malware prevention:
  • How do I know whether my smartphone does have malware, and what do I do about it?

  • Prevention of denial of service attacks:
  • What happens when a critical mobile device is targeted by a packet flood attack?

  • Digital rights management:
  • How does Marvell Studios know whether the copy of The Avengers I am watching on my tablet is legit?

  • Data protection and theft recovery:
  • If my device is stolen, how do I prevent theft of my data and retain my data for my future use? How do I find my stolen device?

  • Forensic triage:
  • If law enforcement or intelligence agencies seize the device in an investigation, how do they determine quickly whether there are illegal materials on the device?

  • User authentication:
  • How does my phone or tablet know that it's really me?

  • Spyware:
  • How can companies be sure that Bob the delivery man is really driving his truck instead of sitting at home?

  • Network monitoring and policy enforcement:
  • How can I determine what wireless devices (mobile and WiFi) are in my office? How do I know if they are approved or rogue? How do I find and shut them down if they are not approved?

  • Application testing:
  • How do we know for sure that the latest update to the free smash-the-pig game didn't actually install malware?

It really is like the wild, wild, west for security in mobile devices. Since this is an M&A column, I would be remiss if I didn't mention the acquisition environment for companies in these spaces. In short, the outlook is very good.

Several of the panelists in the cybersecurity conference talked about the fiscal cliff, sequestration, and eventual cuts to defense spending. But the overriding sentiment is that spending on cybersecurity will not be cut and in fact will probably increase. With government spending cuts in other areas increasing, this should cause more integrators and contractors to grow their businesses by acquiring expertise in the cybersecurity arena. This will trickle down into the embedded space as well. We will continue to see chip and hardware companies buying security software and IP companies for one reason: they have to.

If your company would like to understand its prospects for an M&A transaction, feel free to reach out to me at . The McLean Group was recently named by Global Security Finance as one of the top 10 financial advisors (investment banks) for M&A transactions in the cybersecurity space. You can download the entire report .

16 comments on “Cyberwar: We Are All on the Front Line

  1. prabhakar_deosthali
    October 20, 2012

    First the simple viruses, then spyware and malware, then the Bot nets and so on.. The cyber attackers are always on the move as the protection mechanisms -such as firewalls, Anti-virus software, the secure protocols or the data encryption algorithms get developed.

    So it is technology business Vs Technology anti-business.

    And like other physical stealing and robbing techniques are improving day by day , the soft technological hacking techniques are getting developed at much faster rate than the actual applications themselves.

    One of the key reasons for the vulnerability to the cyber attacks is the inability of the software community to guarantee a bug free software – the bugs which the developer community is unable to unearth, the hacker community gets hands onto them in no time . It is like those smart lawyers who find the loopholes in the newly made laws before the general public finds out  the exact use for them.


    Yes we are at war and all of us have to be on the Front Line




  2. _hm
    October 20, 2012

    This is new point to ponder. Both government and business are equally worried. It may be able to control part of crime. But when it is state sponsored crime, it will be very difficult. With advent of this cyberwar, espionage will become more simplified and less riskky.


  3. ITempire
    October 21, 2012

    @ Brent

    Thanks for the 12-point questionairre about the cybersecurity self-assessment.

    I was really moved by the list as I have never concentrated on these points (which are also relevant to the individuals) despite the fact that these threats contain a high likelihood to endanger my system. If I as an individual should work on these security measures, a SMB or a corporate should definitely work on it.


  4. ITempire
    October 21, 2012

    @ _hm

    Due to cyber-war between countries, we as individuals can get affected when a government website such as government taxation portal or a national identity record system gets hacked. Directly we might not get affected as in such a war, individuals' accounts are not a target as impact is too small.

    Also, usually this is done without disclosing identity and is like a cold war therefore we can see presidents of 2 fighting countries (fighting on cyber platform only) warmly shaking hands at a conference while at the same time agencies grabbing each other's neck. The point is that we might never know who was really behind the attack.

  5. Anna Young
    October 21, 2012

    I agree we are all on the warfront in the cyber war but are we all equally prepared for this? Are we all able to fight and can we all adapt to the dangers involved?

    October 22, 2012

    I guess in the olden days you'd hear about the odd bank being robbed of 100k by masked axe weilding hardmen.  Nowadays it is the silent robber who steals 10 bucks here and 1 buck there from millions of accounts unbeknown to anyone.  This crime is far more insidious and difficult to counter.

  7. Barbara Jorgensen
    October 22, 2012

    Interesting blog. I have a question: of the must-have list for software, do all packages have to have all those features? If so, are they easily downloaded? Are these enterprise-based or device based? The reason I ask: I can't imagine going down that list and finding a solution that meets each need. If it can be downloaded and automatically set, even better. But how much does a typical consumer need to have?

  8. Ariella
    October 22, 2012

    @flyingscot exactly, picking up a little over many places can be far more effective than a lot in one place — and a lot harder to trace.

  9. mfbertozzi
    October 23, 2012

    @_hm: great post! If we would like to restrict the focus you have described, not necessary on crime, but on privacy, we could say each one of us is, potentially, really monitored about his on line activities; especially OTT players are not totally agreeing with the rules about privacy. Going further, privacy and then individual security are not fully assured. Maybe the “cyberwar” starts exactly from this topic.

  10. Mr. Roques
    October 23, 2012

    Following up with the army's analogy, we are all in the front line with 4 or 5 new, shiny guns — visible from miles away.

    Also, as important as prevention is being able to locate hackers and prosecute them… for that, we will need to establish better relationships with countries such as Russia and China.

  11. _hm
    October 23, 2012

    @mfbertozzi: This espionage on privacy may be done by our own organization like facebook, google and sold to enemies knowingly or or by mistake. This may be just begining of much more intricate world of cyber war. We may look it as opportunity!


  12. mfbertozzi
    October 24, 2012

    @_hm: ops ! you are opening an innovative and fascinating horizon which could be named “socials for spying”. After all, in a such way, it is already started ?!?

  13. _hm
    October 24, 2012

    @mfbertozzi: In the spy game anything can happen. One must scrutinize all possible ways.


  14. Wale Bakare
    October 25, 2012

    If we are all in warfront, who then are we battling against? One thing remains – we are yet to identify where the cyber problem is. All these attacks are originated from somewhere, hosted by some servers, passing through some exchanges and routed finally to their destinations. What's the point of spending huge money on machine guns and missiles, if insufficient qualify persons to man then unavailable?

  15. Wale Bakare
    October 25, 2012

    There are topical issues coming up in December this year in Dubai – World Conference on International Telecommunications ( WCIT12). The International telecommunication regulations (ITRs) might probably be revised to handle the cyber problems, some of the issues to address are:

    1) Network Neutrality

    2) Internet Principle

    3) Cyber Security

    4) Personal Data Protection

    5) Online Child Protection

    6) Misuse of Internet Numbering

    7) Internet Addresses/Allocation


  16. mfbertozzi
    October 25, 2012

    @WB: It is one of the most important event, this year and topics you have summarized within the post, are critical, definitely. The only question is about what will be the real follow up, in the sense that several of us are wondering how and when each Gov will apply possible rules outlined as output of the session in Dubai. Rules and regulators are good, speaking for myself, I would say an agreed timeplan related to rules to apply, could act as strong incentive in cyber war's mitigation.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.