Paris Rampage Rekindles Conflict Over Government-Proof Encryption

industrial spies, hostile nation states, or hackers bent on blackmail and other misdeeds. In breaches this year at the Office of Personnel Management, hackers obtained personal information including Social Security numbers and health histories from government background checks of more than 21 million people, such as employees of companies seeking work under federal contracts.

“The government is spending billions of dollars on cybersecurity, but they’re having the same problems every other company is having,” Weatherford says.

Those problems, at least, have some remedies available, according to vArmour. Weatherford says he joined the company because he thinks its technology can help organizations maintain security even though their data is now distributed throughout a network of company servers, third-party cloud storage sites, employees’ tablet computers and mobile phones, and similar networks operated by their vendors and customers. With Weatherford’s arrival, vArmour hopes to attract more government agencies as clients, along with its business customers.

A major tactic of vArmour’s software is to monitor traffic among all the communications nodes in a company network—everything from servers to iPads—to find unusual patterns. The system might detect, for example, a lot of chatter between an office printer and an IP address that has no business making contact with a client’s devices, the company says.

That outsider’s address could be a valuable lead to identify a malign outside force, so the company has several choices, Weatherford says. Report it to the government, or handle it in-house?

Governments, for their part, are developing the capacity to hack back. U.K. Chancellor George Osborne said this week that British intelligence agents are preparing to execute counter-attacks against cyberterrorists and even criminal gangs of hackers. Osborne said the U.K. offensives could extend past infecting enemy computers to causing damage in the physical world, such as interrupting power supplies to “cause loss of life in the most extreme circumstances,” The Guardian newspaper reported.

In the U.S., there have been calls to authorize companies to mount their own counteroffensives against hackers, Weatherford says. For example, cyber victims could counter with a denial of service attack, malicious software of their own, or measures to corrupt the attacker’s data.

Weatherford’s advice to companies: Don’t try this at home.

For one thing, such tactics would be considered cyber crimes, he says. “It’s illegal today to hack back,” Weatherford says. “It’s cybervigilante-ism.”

Even if a company ferrets out an Internet agent that seems to be trying to invade its network, “that source may not be the attacker,” Weatherford says. Hackers can use spoofed source IDs, meaning it’s hard to tell where an attack is really coming from. “Your target may turn out to be a hospital or a power plant.”

There can be incredible unintended consequences of attacking back, even if the victim actually has a bead on the bad guys. “What if they decide not just to take you out, but to take out your city, or other companies associated with your industry?” Weatherford says.

Author: Bernadette Tansey

Bernadette Tansey is a former editor of Xconomy San Francisco. She has covered information technology, biotechnology, business, law, environment, and government as a Bay Area journalist. She has written about edtech, mobile apps, social media startups, and life sciences companies for Xconomy, and tracked the adoption of Web tools by small businesses for CNBC. She was a biotechnology reporter for the business section of the San Francisco Chronicle, where she also wrote about software developers and early commercial companies in nanotechnology and synthetic biology.