Cybercriminals often understand the digital economy better than the companies they are attacking, according to a former director of GCHQ.
Robert Hannigan, who left the government’s listening agency in January, warned that cybercrime groups understand customer service and have helplines available on the dark web.
Writing in the Financial Times, he said: “They have business models, product lines and targets that would make Harvard Business School proud . . . if the managed cyberattack capability you have purchased does not deliver, you can ring up and complain.”
His comments come after a string of attacks on businesses and the Wannacry virus that paralysed the NHS. The first step towards stopping such attacks “is to take [cybercriminals] seriously as businesses and to view them as the malevolent version of disruptive competitors, rather than old-fashioned criminals”, Mr Hannigan said, adding that such crime groups understand the power of data and how to monetise it.
“Successful criminal groups have cracked some of the most difficult problems for traditional companies: understanding which data matters, how it is stored and transmitted across networks and, indeed, what their own networks look like,” he said. “Criminal technology is parasitical. The good news is that, given the will, the non-criminal world has the technological edge to defend against them. Industry can win the arms race.”
Advertisement
Mr Hannigan took charge of GCHQ in November 2014 but stepped down this year for personal reasons.