Understand The Cyber Attacker Mindset

Understand The Cyber Attacker Mindset, Build a strategic security programme to counteract threats, by Sarah Armstrong-Smith, KoganPage 2024

When you get blasted by a crazy hack that takes over your system and flashes noisy explosions all over the screen, despite your pricey software security subscription, and you are suddenly stabbed with fear and panic - should I shut down my system? or try to move to another website or another computer? - it all makes sense.  That distant threat of cyber attackers, hackers that want your data, your money, or worse, your credit card numbers, can get personal really fast, like in nano seconds.  But it can take days or even weeks to recover.  There has to be a better way.

And that's where Sarah Armstrong-Smith's book Understand The Cyber Attacker Mindset illuminates this crazy cyber world while she identifies possible safe spots, strategic responses to a darkness that just won't go away.  Armstrong-Smith breaks the growing challenge into manageable steps.  Throughout Understand The Cyber Attacker Mindset's sixteen chapters the reader will find surprises - the real role of hardware in the hacker mindset, and how the hacker sphere is not limited to technology, but is actually rooted in human psychology.  Start with Chapter 1 to understand how we got here and what it means to now own multiple devices - in essence multiplied hacking opportunities.

And there is the money angle.  While hacking may have started with fiendish curiosity supported by simpler IT journeys, today cyber attackers make money.  And the longer they continue, the more access a thief has to our daily lives and long-term financial, life plans.  But those of us who have been hacked know only part of the story - what we all live with is a desire to "set it up right," to build the right network and to keep it all safe, no matter how many contacts or websites are attached.  A good part of the challenge is learning how to think like an attacker, to understand and predict how he would evaluate and proceed with your system.  Its a challenging mind change, learning how to "see" what we have been reluctant to go to, but the loops are out there, and protection unfortunately cannot completely rest with the security companies. 

And like the corporate response in so many off-the-books crises - Johnson and Johnson's Tylenol poisoning tragedy in 1982 for example  - corporate boards and management structures may not be prepared and indeed are not designed to deal with The Big Hack.  In fact they may shut down inside, hoping and waiting to see what happens next, a strategy that risks business life.  But we are learning more everyday about what happens in the hacker world, and fortunately experts like Armstrong-Smith can help us see it all more clearly as . they watch and note  "the next hacky trick."

Take the Tony Sales case for example, the makings of a cybersecurity movie, hopefully redacted for public safety!  Tony Sales was raised without a father but he learned to live a different life, one filled with the finer things.   He's brilliant, he's a thief, and he knows it.  But Armstrong-Smith shares information showing pieces of how he got there, what he loves, and what made him move.  Despite having been imprisoned, Sales knew upon his release that his life, for the sake of his relationships with his children, had to change.  That recognition led to the big switch from criminal activity to fraud prevention, and the creation of his own company, We Fight Fraud.  Given the growing complexity and speed of IT systems, we learn, says Armstrong-Smith, as noted by Sales, that "moving crime online provides a level of scale and anonymity that traditional crime may not offer."  From a corporate, as well as an individual perspective, however, the challenge of being safe remains high, staying difficult through multiple layers of vulnerability.  Included in the growing list of current weak points are the human elements that drive crime, areas like greed and pride that require a different approach to system security.  Armstrong-Smith's comprehensive approach offers readers a series of workable plans to understand and minimize system dangers, from soft spots to life-threatening hacks,  all with the benefit  of avoiding growing disasters.   

Patricia E. Moody

FORTUNE magazine  "Pioneering Woman in Mfg" 

IndustryWeek IdeaXchange Xpert

A Mill Girl at Blue Heron Journal, on-line resource for business thought-leaders and decision-makers,  patriciaemoody@gmail.com