“Check it, read it, clear it.” That is all you should be doing with your emails, says Kevin Mandia. He may be the chief executive of global cyber security firm FireEye, but he has no qualms about ditching emails for communication.
Emails are a huge cyber security threat, Mandia says – a single click on a malicious email link can be the downfall of entire networks. “You’re hacking your own device, or you’re hacking your own system,” he warns.
This captain of the tech industry is not a wide-eyed evangelist, but a realist on the frontlines of cyberwarfare. In an exclusive interview, he shares on his cyber fatalism, the threat of North Korea, his distaste for cryptocurrency, and the future of cyberspace.
As warfare moves from physical realm to cyberspace, cyber attacks are now the new norm in the world. So how can institutions keep up? “I don’t know if you can”, Mandia says. Governments and people should expect to be hacked at some point. “People are always going to be vulnerable to some extent”. “An attacker needs to break into one machine; defenders need to defend millions,” he notes. “It doesn’t make it a fair fight.”
According to Mandia, the biggest aggressors in cyberspace are now countries, which are increasingly using cyber attacks to twist geopolitical situations to their own advantage. “Most modern nations will have an offensive capability, whether you want to admit it or not,” he remarks.
Earlier this June, personal information of 1.5 million patients in the networks of SingHealth, Singapore’s largest group of healthcare institutions, were stolen – an attack, that Mandia believes, was likely state-sponsored. “Looking at this from the outside, my gut is that breaches like the SingHealth breach are targeted attacks. Somebody wanted to break into them specifically, which adds to the complexity of countermeasures.”
North Korea a threat
And one country has fast emerged as one of the world’s biggest cybersecurity threats: North Korea, says Mandia. “North Korea is not predictable,” he says. “In cyberspace, there’s not a deterrent in place.”
Earlier this year, FireEye successfully traced three North Korean hacking units to the world’s most high-profile cyber attacks – with two groups specialising in political cyber-espionage and one specialising in cyber-heists of banks and other financial institutions. In 2014, North Korean hackers leaked thousands of internal emails and unreleased movies from Sony Pictures. “I don’t know if I learned anything good from the Sony breach other than we don’t want to see it happen again,” Mandia says. But “you have to hold people who do it accountable,” he adds.
“Maybe there’s really no deterring North Korea .”
And just last year, North Korean hackers released the “WannaCry” attack, which infiltrated over 300,000 computers in 150 countries. The attack disrupted operations in some British hospitals and caused chaos in government agencies across the world. In the wake of these attacks, Mandia admits that “maybe there’s really no deterring North Korea”.
The problem with crypto
Another problem for cyber security is the rise of cryptocurrency. Its lack of traceability makes it a potent enabler of cyber crimes, according to Mandia. “As a cyber security person, I don’t see a lot of upside to cryptocurrency,” he says. “It’s an anonymous way to transfer money 10,000 miles away. It’s largely unregulated.”
For one, criminals often use cryptocurrency to extort large sums of money from companies without the fear of being traced, Mandia warns. “The only time I ever see cryptocurrency is when a company is being extorted to not have data leaked or to un-encrypt their hard drives,” he says. “I think it’s a wonderful tool for folks who want to extort,” he adds.
“I think it’s a wonderful tool for folks who want to extort.”
Global police networks do not yet have the means to track illegal crypto-transactions, which makes large-scale financial crimes harder to solve. Agencies like Interpol have “learned how to track wire transfers and money transfers,” says Mandia. But “I’m not so convinced they’re as effective at tracking cryptocurrency,” he adds.
Meanwhile, the realm of cryptocurrency is rife with cyber attacks. Just last month, hackers reportedly stole US$60 million worth of cryptocurrencies from a Japanese cryptocurrency exchange, with victims ranging from users’ hot wallets to company assets.
What’s next for cyber
The intensity of state-sponsored attacks will only increase in the coming years, he predicts. “We take internal polls on what’s the next nation we’ll see out there,” he says. “You will see more nations conducting influence operations. You’re going to see more attacks from state-sponsored groups.”
But emerging technologies like blockchain can be a boon for governments – by helping to protect vulnerable institutions like elections. Countries will soon use digital voting to make elections safer, first by giving their citizens digital identities to vote with, Mandia says. “I believe you can do identity digitally. And you can probably safely do all kinds of elections digitally,” he remarks. “And that’s where most people will go.”
Estonia is using a blockchain-style distributed system for national elections to prevent hackers from tampering with votes. The government is also using blockchain to secure its citizens’ healthcare records, tax and business registration systems.
Cyberspace will continue to be an increasingly complex space filled with threats, state sponsored or not. But countries do not have to be sitting ducks. Resistance can start with a simple step: ditch your emails.