Big Data vs. Big Data


By Daniel Cohen, Business Development Director at RSA Israel, EMC’s information security division

“The most valuable commodity I know of is information.” – Gordon Gekko.

Everybody is talking about big data. Even bad guys understand that in order to fool security systems into thinking their hostile activities are non-hostile, they had better learn how to mimic human behavior and give their operations a more legitimate feel.

Bad guys are constantly improving their information mining capabilities by using various add-ons, such as IntelegentBot, MoneyPanel or even the Pony Stealer trojan. These tools offer a better analysis of stolen information but still fail to reach their potential.

So what’s the next step for bad guys when it comes to big data? Imagine the following not-so-imaginary scenario: Bad guys start creating fake profiles of their victims – let’s say they pick you, the reader. They already collect more than enough data concerning our surfing habits, and they have the capability to come up with more if necessary. With a single mouse click they can create a sort of unique double, who pretends to be us and copies our behavior. This digital doppelganger clicks the same pages as us and at the same rate, all based on our profile. Because the double mimics our behavior perfectly, our bank accounts allow themselves to be emptied at the same rate, ostensibly due to “our” perfectly legitimate activities.

Is this actually possible? Can hackers actually get this good? Well, we should assume the worst. They have already adapted every other business and technology practice for their own use, so why not adapt big data analysis? Fortunately we’re not there just yet, mainly because hackers are limited by their sources of information: our PC, mostly, although they do their best to infiltrate our mobile devices as well. If your sources of information are limited then the information itself will be limited as well, no matter how deeply you analyze and cross-check it.

iHLS – Israel Homeland Security

Still, it’s a good idea to be prepared, but how exactly? Well, as far as big data vs. big data goes, the winner will be the one with access to more sources of information. The more data we have, particularly time- and context-sensitive data, the better the insights we can reach. The better these insights, the harder it will be for “hostile” big data efforts to defraud or manipulate us.

We have to widen and deepen the sources of information available to “benign” big data. To reach that goal, organizations of any kind, public or private, should share information, knowledge and insights on cyber attacks. Lately we’re seeing more and more collaborations of this kind, and that’s the right path to take.

This, however, will force those of us who aren’t there yet to look at reality in a wider context. Security solutions can’t survive on their own, especially in light of the conflict between benign and hostile big data. Right now we’re ahead in this ongoing cat and mouse game, but the best thing we can do today is integrate security solutions based on big data. Eventually the cat will start catching the mouse, so we have to be ready and always remain one step ahead.