We often debate who the most sophisticated hackers in the world are. I firmly believe that there is a direct correlation between the chess-playing community and hacking. To this point, I would tip my hat to the Eastern European hacker crews of 2011 and 2012.
There are three historical factors that distinguish Eastern European hackers from those in the rest of the world:
- An educational culture which has long emphasized mathematics and chess
- A robust underground economy
- A well-developed “tradecraft” of criminal activity that has adapted well to the Internet age
The obfuscation techniques and nano-malware we have seen deposited in the financial sector illustrate the evolution of capabilities which are being sold in the arms bazaar of Eastern Europe. In today’s era of professional cyber hacker crews, we must acknowledge that the APT has been privatized and that spinning the cyber chess board is an imperative. Beyond a healthy respect for the stratagems utilized by our adversary, we must move away from over-reliance on perimeter defenses.
As we spin the chess board within our networks, let us acknowledge that a “knight’s fork” in cybersecurity begins with situational awareness and ends with hindering exfiltration. Thus, the fundamentals of cybersecurity in 2012 are: specialized threat detection, threat intelligence, file integrity monitoring, and virtual shielding.
More of my thoughts on Eastern European cyber hacker crews are published in this paper.