“Cybersecurity has consisted in building something like a medieval castle, building more and more walls and digging more moats so that enemies can not enter the palace,” says David Barroso, head of Countercraft It seems out of an intriguing film, but the new wave of cybercrime has forced to try to anticipate crimes. Cyber-espionage, more typical of James Bond, comes true from a company in the Basque Country. Countercraft is the only counterintelligence company in Western Europe. Cyber attacks are already a frequent occurrence for the vast majority of companies and governments, and it is expected that over time these attacks will escalate further and further. After all, money and information are now available to anyone, and that is also known to criminals, who have set their sights on the network of networks.
But not only cybercriminals use the internet as a weapon, so do companies and governments. When Russia invaded Georgia 12 years ago, the first thing it did was paralyze the media and banks through a series of cyber attacks. The wars of the future are fought this way, from the distance that a computer allows. Something that has now become very common. In Spain, each of the armies of land, sea, and air have their divisions of “hackers” and cybermilias that increasingly take on more importance to defend and attack the country, but there is still much work to be done.
“Cybersecurity has consisted in building something like a medieval castle, building more and more walls and digging more moats so that enemies can not enter the palace. The problem is that each time the perimeter to defend the castle is larger because the number of devices that can be assaulted is growing, “said David Barroso, Countercraft’s chief executive on security and counterintelligence, to ABC.
To new times, new measures. If we thought about it 20 years ago, a company had an internet connection and that was what had to be protected, nowadays they are computers, mobile phones, internet of things, wearables and a long etcetera. Even an outdoor WIFI lamp can be a gateway to the company for a cybercriminal. “So probably, over time, the attackers will end up finding a place to assault that castle, the reason that security is never 100% infallible. What we do, instead, is to set traps for the attackers, that’s what counterintelligence is about, “he says.
Thanks to that effort, the world of spy spies is brought into the real world. For example, if an employee tries to steal you, you can report it. But what do you do if the person who tries to steal you is a country or a cybercrime gang thousands of kilometers away, you can not report it, you do not have legal tools to do so. In these cases, it is best to give the attacker a manipulated information and let them steal erroneous or incomplete solutions. “Creating false information is the most fun of our work because you have to be creative, the thieves have to go happily with what they have stolen, and it also has to cost them to reach it,” he says.
We are in the same situation as in the cold war with the KGB; It is better to have the spy controlled and to provide false information that disrupts the plans of the enemy’s strategy, than to throw him out and five more to come, that’s what counter-espionage is all about. Attacks between governments and large companies and governments against governments are more common than we imagine and occur recurrently. If we imagine the power that confers to be able to manipulate the votes of an election or to know the proposals of the companies in the great public competitions, they are data that can change the direction of a country in a certain moment.”James Bond would now have more of a computer than a gun. The tank is no longer so useful if you can use cyber weapons, for example, to cut supplies, “he says.
David gives us an example, his client was robbed of the offers prepared for public competitions, in this way the competitor could easily win the contest by always bidding downwards. The solution they gave him was to offer the hackers fake offers. Although this may seem very striking the most common case is internal fraud, where an employee sells secrets to a competitor. This situation is not going to do more than grow in the future, cybersecurity is a global problem, that’s why Countercraft has not stopped expanding in Europe and now it’s the turn of the United States where they will disembark this year.