HYAS Blog

When You’re Getting Clobbered, Shift Your Approach or Suffer Defeat

Written by David Ratner | June 30, 2021

There have been a lot of recent articles about the latest cyberattacks, but one in particular caught my eye — Ransomware attacks show we’re getting clobbered on cybersecurity

I’ve been both an athlete and a coach, and a competitive one at that. I can recall countless halftime speeches which can be summarized as “we’re not being effective, and in the second half we’re going to change...” Winning always requires being open and honest on what is working and what isn’t, being humble enough to admit that a change is required, and confident enough to drive that change full forward efficiently and effectively.

The state of cybersecurity seems like it is at one of those points. Rarely do you change the tide and end up winning simply by “trying harder.” It’s not about working more hours, It’s not about adding more people. It’s about changing the game, adapting the strategy, and no longer playing the same traditional defense.

Anne Neuberger, deputy national security advisor for cyber and emerging technology, agrees that we need to change the game, and at RSA 2021 argued that the required shift is to focus on prevention versus the traditional defense of incident response. 

Here at HYAS, we believe that inspecting and using DNS is a required part of this paradigm shift. HYAS’ Protective DNS service, as CISA and the NSA named it, delivered via our HYAS Protect solution, can be quickly and easily integrated into any existing security stack.  It uniquely applies our advanced intelligence to prevent attacks from getting started, either by blocking the nefarious traffic itself or by alerting another component in the stack to take similar action. Whether it’s protecting the corporate or the production network, HYAS Protect easily integrates into both, adds unique value, and can identify, block, and mitigate even intricate and elaborate attacks.

Most complex attacks involve multiple days (if not weeks or months) of communication between a bad actor’s spy inside the enterprise network (e.g., Cobalt Strike, FUD malware, or other) and the bad actor via their command-and-control (C2). Seeing these happen at the DNS/network level is exactly the kind of paradigm-shifting, game-changing strategy that can deliver improved results in the second half. The bad actor may constantly change their C2 to evade traditional defense — HYAS Protect’s advanced intelligence stays one step ahead. It doesn’t matter if they snuck in via a supply chain attack, a compromised password, or a well-hidden phishing attack; once inside, HYAS Protect sees them trying to communicate and shuts them down like swatting away mosquitos.

It’s halftime at the game. Are you going to adapt your strategy to win, or play the “hope-a hope-a” strategy in the second half and hope that simply trying harder yields different results? Benjamin Ola Akande famously said “hope is not a strategy,” and we agree. We believe in shifting away from traditional defense, executing on a new game plan to clear a safe path for business to progress. The difference between victim and victor isn’t two letters, it’s four — H-Y-A-S. Come join us.