- [Host] Cyberattacks.
We're always under attack, right?
As I look at the Downdetector map,
and I see that a lot of you
who have Cox for your Internet,
are still finding the blue
screen of death, or whatever,
on your computer, in a lot of this island.
Anyway, is it a cyberattack?
Who knows?
Nobody's saying anything,
but we've had a lot of experience
with these cyberattacks.
Did you know
there are different
generations of cyberattacks?
And this business of the
large-scale mega-attacks,
and all of that,
really has some aspects to it,
and we have on the line with us
someone who checks into
this stuff for a living,
and can tell us about what
type of attack is what.
Darrel Burkey of Check Point Software
is gonna chat with us this morning.
Darrel, nice to have you with us.
- [Darrel] Thanks for
allowing me to be here,
and pleasure to speak with you.
- [Host] Great, great pleasure.
Tell me about these different
generations of cyberattacks.
- [Darrel] Yeah, so there certainly
are different generations
of both cyberattacks
and then also cybersecurity
products to respond to them,
and if you remember back in the 1980s,
when we were first using PCs,
there were viruses that
we passed to each other
through our floppy discs
when we shared files on floppy discs,
and the attackers at that time
mostly wrote their viruses
out of curiosity, and fun, and
maybe to gain some notoriety,
but it was disruptive,
and it spawned the creation
of antivirus products,
and what we have now is the
antivirus product market,
and that continued,
and continued to grow into
the second generation,
and this began in the mid-1990s,
and they began as network attacks.
This is the era of the Internet.
Everyone and anybody wanted
to connect to the Internet.
All businesses were
connecting to the Internet
to share information and communicate,
but the challenge there was,
when you connected your
business to the Internet,
your entire network and all your data
was available and open
for anyone to access it.
So this spawned the
creation of the firewall,
and the firewall is basically that.
It is a wall, a barrier,
between the Internet and your
company, or your network,
and it allowed in those people
you said could get into your network,
and kept out those
who should not have
access to your network,
and then things progressed,
and things started getting
serious in the third generation,
in the early 2000s, and this
is where attackers realized,
hey, there's money to be made.
They began organizing more efficiently.
Organized crime sort of
started getting involved
in the cyberworld,
and they designed attacks
that targeted specific applications:
maybe a mail server, a Web server,
and it took advantage of vulnerabilities
in those applications
to gain access, and
then steal information,
whether it be personal information,
corporate intellectual
property, whatever it is.
These attacks affected all businesses,
and it drove the creation of
intrusion-prevention products,
and these are products
that would analyze all
of the Internet traffic
as it entered your network,
and look for bad or suspicious things,
and if it found them, it would block them,
and thereby protect your
network from being attacked.
- [Host] So the thing with...
Just back up for a second
here, Darrel, 'cause I
I do wanna get to your
central premise here,
which is that we're
really not in great shape,
in terms of preparation
for what might be coming
down the pike here,
but with these firewalls,
I always got the impression
that the firewalls were
keeping out the people
that should have been let in, (laughs),
and I'm not sure how much
effectiveness there was
in keeping people out that
you wanted to keep out.
- [Darrel] Yeah, so the firewall
was more based on an identity.
So it will create a rule that says,
Darrel is allowed to access my network.
So when I try and access your
network, it would let me in,
but when someone else
would try and access it,
it would recognize that and say,
well, I don't understand this address.
I don't know who this is,
and it would keep them from getting in.
However, cyberattacks,
they hide within the Internet traffic,
and a firewall does not analyze
at that level of complexity,
so that's why there are
intrusion-prevention
and other products that actually do that,
to find bad attacks and techniques
that are hidden within
the Internet traffic.
- [Host] Gotcha, all right.
So you have a
point of view here for these companies,
and you have a kind of a position here
that you believe that companies,
where they really are stand
where companies really stand,
in terms of updating
their own cybersecurity,
tell us how you're looking at
how vulnerable your
average company really is.
- [Darrel] Overall, quite vulnerable,
so we are in the fifth
generation of attacks today.
These are attackers are highly organized.
It's truly organized crime.
It's state-sponsored crime.
It is espionage,
and they're using very,
very sophisticated tools.
Some of these tools were
developed by state entities,
and then, one way or another
leaked out into the public domain,
and now the attackers are using these.
So we're in a fifth generation of attacks.
They can be launched at the network.
They can be launched at the cloud.
They can be launched
at your mobile device,
which very likely has access
to your business network.
The problem is, most
businesses and entities,
their security is only in the
second or third generation.
So they're generationally
behind the level of attacks
that they're faced with today.
- [Host] Yeah, so how can
how can businesses deal with
the next generation of a cyberattack?
- [Darrel] So basically
what's happened is,
over the years, since the '80s and on,
if there is a new type of an attack,
a company would buy that
new type of security product
that protected against it.
If there was a new application,
they would buy a new security product
that would protect that application,
and what happens is that
model is not scalable,
and all of these products,
it's known as a best-of-breed
security infrastructure.
The products don't work together
as a single, cohesive system.
What needs to happen now is
to protect against fifth-generation
and beyond attacks,
is companies need to move
more towards the security architecture,
where the system is completely integrated,
and can share attack
information in real time,
and provide much faster
prevention of the attacks
as they occur on their network,
be it the network, be it the cloud,
be it on mobile devices, whatever,
and it communicates cohesively
across the entire architecture
to ensure that these
attacks are prevented.
- [Host] How involved in this,
and is this for a company?
I mean, does your system
have to be down for days
to have this, to get this to come about,
and what does it cost?
- [Darrel] So that's a great question.
No, absolutely not.
I mean, businesses cannot afford
to have their network and
their operations down for days.
In most cases, these businesses
already have the foundation
of the products in place,
a firewall, an intrusion prevention,
an anti-bot product, an antivirus product,
so they already have those in place,
and they can build on those,
and over time, take a phased approach
to implementing a unified,
cohesive solution.
Cost-wise, you would be very surprised.
If you're buying a bunch
of different products
from a bunch of different vendors,
all with different contracts,
and different renewal dates, and so on,
you're gonna end up being much
more efficient operationally,
much more efficient in your purchasing,
and as well,
since you're buying a single,
cohesive architecture,
your pricing, your cost,
is going to be lower over time as well.
- [Host] Got it.
So all right, where can we go
for more information, Darrel?
- [Darrel] Absolutely, you
can go to checkpoint.com,
and you can find
information for the layman,
as well as highly technical details
if you're looking for those,
and the Check Point blog is a great place
to find out information
about the latest attacks,
both in layman terms, and
in great detail as well.
- [Host] Fantastic.
All right, well hey,
thanks for the update.
We really appreciate
it, and all of the best.
We thank you very, very
much for the time today.
- [Darrel] Thank you very much.
Pleasure speaking with you.
- [Host] Great, great pleasure, great.
