Phone in the right hand? You're a hacker!

Hackers are finding it too easy to circumvent traditional cyber defences, forcing businesses to rethink their security strategies. Many firms are now harnessing big data and adopting cutting edge verification checks. In fact, some can even identify you by how quickly you type your computer keys, or how you hold your mobile phone. In these days of regular space travel, nanotechnology and quantum computers it is easy to believe we live in an age plucked from the pages of a science-fiction novel. But there are some aspects of this shiny, computer-powered era that look more feudal than futuristic. Consider the way many organisations protect themselves and their staff from cyber-attacks. Many approach cyber-security like a medieval king would have tackled domestic security - by building a castle to protect themselves, says Dr Robert Blumofe, a senior manager at cloud services firm Akamai. The high walls, moat and drawbridge are the security tools, anti-virus and firewalls they use to repel the barbarians at the gates trying to breach their cyber defences. "But now," Dr Blumofe says, "that castle metaphor is really starting to break down." Outer defences The first issue is mobility. Digital fortifications worked well when all staff sat at desks, used desktop computers and were concentrated in a few buildings. But now many work from home, airports or coffee shops and use their laptops, tablets and phones on the go, to work at all times of day. The second problem, Dr Blumofe says, is that many firms wrongly assume that those in inside their castle walls can be trusted and are "safe". This leaves many firms dangerously exposed, agrees John Maynard, European head of cyber-security for Cisco. "Typically once attackers have penetrated a trusted network they find it is easy to move laterally and easy to get to the crown jewels. "That's because all the defences point outward. Once on the inside there is usually little to stop attackers going where they want to." Tumbling walls

In a bid to get beyond this outdated thinking many organisations have torn down the old castle walls in favour of a model known as the "Beyond Corp" approach. It was pioneered by Google in response to a series of cyber-attacks in 2009 called Aurora orchestrated by China-backed hackers. The attackers went after Google as well as Adobe, Yahoo, Morgan Stanley, Dow Chemical and many other large firms. According to Mr Maynard, Beyond Corp assumes every device or person trying to connect to a network is hostile until they are proven otherwise. And it obtains this proof by analysing external devices, how they are being used and what information they are submitting. This encompasses obvious stuff such as login names and passwords, as well as where someone logs in from; but it also relies on far more subtle indicators, says Joe Pindar, a security strategist at Gemalto, "It can be how quickly do you type the keys, are you holding the device in your right or left hand. How an individual uses a device acts as a second layer of identity and a different kind of fingerprint." Gathering, storing and analysing all that data on those individual quirks of usage was the type of big data problem only a tech-savvy company such as Google could tackle at the time of the Aurora attacks, says Mr Pindar. However, as familiarity with big data sets has spread, many more big firms are adopting the Beyond Corp approach when organising their digital defences, he says. One big advantage is that Beyond Corp turns a firm's network into an active element of defence, says Mr Maynard from Cisco.