LegalSEC: Cybersecurity, Rooted in 500 Years of History

Learning from colonial piracy about the war on cybersecurity 

“It is a small world.  It’s a fragile world.  No one is safe until everyone is safe.”  These are the cautionary words of Rod Beckstrom of The Rod Beckstrom Group, the keynote speaker at the cybersecurity LegalSEC Summit last week in Baltimore.  With over 350 legal technology professionals leaning into his every word, he set the stage for where cybersecurity is headed with an advisory tale from history now repeating itself on the Internet.  His intent, to arm the guardians overseeing 80-90% of the country’s IP information all sitting in the same room at that moment in time.

History of Pirates

In 1491, the “Erdapfel” of Martin Beheim was created.  It is the oldest surviving terrestrial globe – excluding the Americas.  This sphere was cutting edge technology of the day.  Like any technology its uses can be for the betterment of humanity or its decline.  Not surprisingly, around the release of the globe, piracy began to flourish.  Seafaring scoundrels viewed the world anew with this technology and seized upon its bounty.

These salty scofflaws took four unique forms in their day.  One group of pirates were sponsored by the Dutch, Spanish, and British empires respectively.  Another group realized they could band together using their private ships to attack on the high seas for gems and precious metals.  The third formed a coalition around pirating for a cause.  The last group were one-off ships that would attack others for jewels or money.  These four pirating entities have a present day adaptation.  They translate to State Actors (e.g. China, Iran, North Korea), Organized Crime (e.g. in Russia or Estonia), Hacktivist (e.g. Anonymous) and Lone Hackers (e.g. anyone and everyone).  One new addition, in the Cyber Age there is also the internal threat to organizations known as “Insider Joe” attacks which are very prevalent.

keynote

Present and Future

As Beckstrom described in this presentation, the wars over the years require time for forces to align.  During the Nuclear era, once the major powers acquired these arms, everyone realized it was in the best interest of each country not to use them, i.e. mutually assured destruction.  This is ongoing right now with Cyberwar.  He said that China or Russia could hobble the infrastructure of the United States tomorrow, but they realize that if they did that, the US would do the same to them, therefore no one conducts this sort of cyber-attack.

Law firms are not a sovereign territory so all aforementioned groups are threats and in turn are seeking them out.  These groups have tools which are sold on the Dark Web as out of the box solutions and can wreak havoc for firms in very little time.  In the graphic below Beckstrom outlines an ecosystem where various parties work together but in isolation to earn money or take down a company.  The scripts are created by people and sold to criminals.  While another sets of criminals have harvested millions of credentials.  In conjunction the Criminal Operator uses both to target a law firm or corporation.  Those proceeds or goods are then routed through Mules.  These are everyday people who simply accept packages and send them along to someone else which keeps the money flowing. In most of the law firm attacks, mules are not used, instead data is either released or held at random by the Criminal Operator.

rod1

The only way to combat this said Beckstrom will be a new world of robots fighting robots (computer bots), which is now occurring.  This next era defense is sifting through huge amounts of data and applying cognitive computing and artificial intelligence with a layer of deep learning on top.  In this light he underscored the importance of preparedness.  One of the world’s largest banks, JPMorgan, has decided to pledge a half billion dollars toward the fight on cybersecurity.

Beckstrom closed with the warning to each firm CIO that the time is now to invest heavily in cybersecurity.  Every one of the attacker profiles mentioned are attempting to break in and get access to law firm and corporate information.  Prepare now because time is short – we are not safe until everyone is safe – by taking the responsibility to invest.

Advertisements
About Joseph Raczynski (87 Articles)
Joseph Raczynski Legal Technologist/Futurist Joseph is an innovator and early adopter of all things computer related.  His primary bent is around the future of law and legal technology. He also focuses on several fields including machine learning, mobile, security, cryptocurrency, and robotics (drone technology). Joseph founded wapUcom, LLP, consulting with companies in web and wireless development.  As a side project DC WiFi was created to help create a web of open wireless WiFi access points across cities and educate people about wireless security. Currently he is with Thomson Reuters Legal managing a team of Technical Client Managers for both the Large Law and Government divisions.  Joseph serves the top law firms in the world consulting on legal trends and customizing Thomson Reuters legal technology solutions for enhanced workflows. He graduated from Providence College with a BA in Economics and Sociology and holds a Masters in eCommerce and MBA from the University of Maryland, University College. You can connect with Joseph at JoeTechnologist.com or JosephRaczynski.com or @joerazz

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: