Facebook security boss Alex Stamos makes some interesting points about security and people in his keynote speech at Black Hat this year. The part that caught my attention, though, was around how adversaries operate.
Many people may imagine that sophisticated adversaries always use complex attacks and the latest exploits. This is not the case. Most serious attackers will simply use the most effective tool for the job. Indeed, they may deliberately start with simple attack methods in order to appear basic to a network defender.
Since attackers will start simple, defenders should also make sure that they cover off the simple things: basic password policy, patch management and user access control are a good start.
Doing the basics gives us a chance to make life that little bit more difficult for the attacker. Who knows, if they are really not that advanced, perhaps they will go try someplace else. If they don't, then at least they have to really start working at it, which gives us - as defenders - more opportunities to detect and stop them.
"The things that we see, that we come across every day, that cause people to lose control of their information are not that advanced," he said. "Adversaries will do the simplest thing they need to do to make an attack work."