How cybersecurity changed in the last decade; how will it change in the next

Aaron Aupperlee
Joe Ferrara, general manager of Wombat Security Technologies, a division of Proofpoint. (Photo from Proofpoint)

Much has changed in cybersecurity in the last decade.

But much has stayed the same.

Money is still the main motivation, but so is data.

Large banks, financial institutions and corporations are still the main targets, but so are small businesses.

There are still constant, continuously changing attacks, but even they have evolved.

“It used to be about going after infrastructure,” said Joe Ferrara, head of Wombat Security Technologies. “Now it’s about going after people.”

Wombat turned 10 this month. A trio of Carnegie Mellon University researchers founded the company in June 2008. Ferrara was employee No. 4, joining three years later and growing the company to hundreds of employees with offices in Pittsburgh, Denver and London. In March, Proofpoint, a Silicon Valley cybersecurity company, bought Wombat for $225 million.

Ferrara has kept control of Wombat and kept his team in Pittsburgh, running the company as a business unit inside of Proofpoint.

Wombat provides training to help people avoid being victims of phishing and other cyberattacks. Wombat will even run simulated attacks on a company, testing its employees to see who clicks on that link or downloads that file.

“You see attacks going at every single industry,” Ferrara said, adding that companies big and small are targets. “It’s no longer that you can hide.”

Ferrara said that 10 years ago, the bulk of attacks focused on defeating cyber infrastructure like firewalls, routers and anti-virus software. But over the last decade, the target of attacks shifted. People turned out to be more vulnerable than hardware or software.

Every employee, from the CEO to a new hire, is vulnerable to attacks, Ferrara said. And attackers have gotten clever, targeting and tailoring their scams to specific people. Phishing emails are filled with personal information scammers skim from the internet about their targets.

These tend to be more successful for the scammers.

“They’re not stupid. They are trying to leverage whatever they can,” Ferrara said. “And unfortunately, we all tend to leave a lot of publicly available information out there.”

Ferrara said that Wombat can have training materials created around new attacks in about 24 hours. It’s an arms race, Ferrara said.

Scammers are still mostly after money, Ferrara said, but they aren’t siphoning off credit card numbers or bank account information like they used to. Some scammers seek to steal data, which is just as good as money in some circles. Many are looking for access.

Scammers seek to gain credentials (usernames and passwords) for email and social media accounts. Once they have access, they launch their attack.

On a social network, that could be the compromised account of a friend posting pleas for money to help him or her out. At a company, it could be the compromised account of the CFO directing payments or wire transfers.

“They are continually looking for different angles to stay one step ahead,” Ferrara said.

And that’s what Ferrara doesn’t see changing in the next decade. Attacks will change. Cybersecurity efforts will adapt. Attacks will change again. Ferrara doesn’t see that changing for a while.

“It’s just literally keeping up,” Ferrara said.

Aaron Aupperlee is a Tribune-Review staff writer. Reach him at 412-336-8448 or via Twitter @tinynotebook.
