DevOps works for malware developers too

Many organizations are embracing the DevOps movement to function more efficiently, develop more effectively, and compress time frames to achieve a competitive advantage. DevOps isn’t just for the good guys, though. It seems malware developers and cyber criminals also see the value in being more agile, and streamlining operations.

I spoke with my friend TK Keanini–CTO of Lancope–to get his thoughts on how organizations need to step things up in order to defend against more agile attackers employing DevOps tools and concepts:

I came across an intriguing headline the other day: malware coders adopt devops to target smut sites. The article, unfortunately, is fairly vague about what exactly that means, but it got me thinking about the potential implications.

It’s all just a function of rivals competing. Just as Company A has to find a way to work more efficiently and bring better products and services to market faster than Company B, malware developers need to be faster and more agile than their targets. In either scenario DevOps can give one or both parties a competitive boost.

Although the article in question simply says malware developers are “now engaged in DevOps,” and claims it’s the first time that behavior has been seen from the dark side, the reality is that malware developers—even those in organized cybercrime groups—have always had an element of DevOps to them. By their very nature they’re more inclined to have shared responsibilities and to exhibit the sort of jack-of-all-trades cross-functionality that we expect to find in young startups.

“It has always been the case that most attackers embrace much more of a DevOps pattern than defenders. Most of these folks were born of the Internet way of thinking and nowhere in their playbook do they have the traditional data center change controls or any other big enterprise methodology,” declared TK Keanini, CTO of lancope.

The problem that many organizations face when it comes to mounting an effective defense is a lack of situational awareness of their own environment. In many cases the attackers actually know more about the organization’s network, and the assets connected to it than the organization itself.

Read the full story at When the bad guys use DevOps, you need DevOps to defend yourself.

Scroll to Top