Branden Spikes knows a thing or two about cybersecurity, having served as Elon Musk’s technology right hand for more than 15 years at Zip2, PayPal, Tesla, and SpaceX.
Spikes helped pioneer and build extraordinary technology, and now works as the technology evangelist at Cyberinc. But right now he’s worried that most people don’t know enough about the dangers they face online. Hacking has gone from IT whiz kids testing their prowess to a Mafia-like extortion with the potential to cause cataclysmic damage to companies and the economy.
“The new thing that worries me in the activity you see hackers doing is ransomware,” he told Business Insider.
“It’s new, in the fact that they’re willing to do damage now. I think in the past, the only kinds of attacks you saw were maybe temporarily harmful, or maybe stealing money from a financial institution or something, but going into a business and getting on their network and deleting their data is pretty bad. It can be really destructive.
“I’ve seen examples where they didn’t only just go after their data, but in the case of Sony Pictures, where they even tried to erase all the backups, and all the backups of the backups, and really tried to screw them over.
“The amount of damage that can do in numbers in the billions of dollars is unprecedented, and to see hackers willing to do it is freaking me out a little bit.”
Spikes says the problem isn’t going to go away any time soon.
“[It’s] a somewhat new behaviour, and I think it’s going to continue to happen,” he said. “That’s probably a big concern for businesses.”
It’s new form of economic terrorism.
“Never negotiate with terrorists,” Spikes says.
“It might be best to not pay the ransom and just deal with the consequences, because I think in some recent cases compromised systems became compromised repeatedly by different hackers. They would replace the previous guy’s ransom note with their own, and so you could end up paying someone who doesn’t even have your data.”
Just as life has changed in the era of global terrorism, people need to make changes to the way they live online too.
“People need to be willing to, at least for environments or for systems that deserve some security, to take that extra measure to make it secure, whatever it may be, changing your password, or not using this for web browsing, or using isolation or something, is all it takes to make a huge difference,” he said.
“It’s all about adoption, and so I encourage people to look for solutions that offer more security but at the same time more freedom and more user experience, just more of thinking, put the user first and then try to protect them invisibly, so they don’t even know you’re working on their behalf behind the scenes.”
The big challenge for IT teams in businesses today is keeping up with evolving threats, as anyone who’s been sent an urgent upgrade message for security flaws in their software already knows.
“Cybersecurity is moving fast, but unfortunately it’s moving slower than the innovation that’s occurring on products,” he said.
“Fortunately, there’s a lot of work being done on that, and in a way there’s too much work being done on that. I’ve seen thousands of startups in the last couple of years in cybersecurity, and it’s mind-boggling. How do you even sift through that to see what’s total shit and what isn’t, and what applies to my business and what doesn’t?
“In some cases, the new stuff is making the old stuff obsolete, and so you’ve got to stay apprised of it.”
It’s huge challenge, but Spikes is heartened by the collaboration in response.
“[When] cybersecurity and IT and user experience can all come together I call that the ‘art form’. Cybersecurity can be pretty much a game of numbers if you don’t really pay attention to the art form. It can be boring, but if you embrace the challenge of making things secure and easy to use, it really does become an art form that can be quite beautiful in the eyes of the cybersecurity, at least, in the eyes of cybersecurity professionals.”
*The author traveled to Melbourne as a guest of Pause Fest.