At Digital Transformation EXPO Europe Samy Kamkar, independent security researcher and ‘Samy’ MySpace computer worm creator, reflected upon the current cyber-threat landscape and warned that defenders are being challenged to a far greater degree than ever before.
That’s because of the ever-increasing numbers of internet-connected devices being used across the world, extremely high levels of information being shared online and the extremely sophisticated technology cyber-criminals now adopt in their attacks.
“Security is challenging,” Kamker said. “It’s very difficult to secure everything and as somebody who is trying to defend, you have maybe 100 holes and maybe you can cover 99 of them. For an attacker it’s much easier, you only need to find one problem, one hole to break in.”
So attacks are now very difficult to stop, he added, and that’s because they are now possible to carry out “with low cost tools – tools that even you and I can purchase, with open source software and hardware that anyone can access.”
Staying secure is therefore not easy, Kamkar warned, but he said there are three fundamental steps that can be taken to make better security more achievable.
The first “is using two-factor authentication wherever you can.”
Next, “do not use SMS two-factor authentication. The SMS network is like your local area network – anyone with access can essentially take over any phone number. Do not use SMS if you have the ability to use something like an authenticator or software on your mobile device.”
Lastly, “please use a password manager. There are pros and cons, and yes you are storing passwords in one place that’s centralized, but do anything [you can] to prevent you from using the same password over and over again, which is how all of the largest attacks I have ever seen occurred,” Kamkar concluded.