RSA 2020 – Hacking humans

(Editor’s note: contributed blogs like this are part of’s annual sponsorship program. Find out more here. This article was originally posted to the ESET site We Live Security by Cameron Camp, security researcher, ESET.)

This year at the RSA conference in San Francisco there’s an unspoken unrest about the threat of a rapidly spreading virus. Not a digital one this time, but the oft-demonized coronavirus. It gives us a chance to think about the risks of something bad spreading in a way that’s more palpable, more real, more scary.

And yet, looking at the spread of malware brings to mind several notable parallels:

It never stays home

Wherever a piece of malware starts, there’s no way to know for certain where it will spread. For decades, nations have wrestled with the idea that “hacking back” and deliberately knocking out your opponents’ digital capability will be tidy – one hit and you’re done. That’s never the way it works. Story after story of the collateral damage from a rogue piece of malware showing up in another area of the globe and leveled against an unintended target, is a valuable lesson in what can go wrong.

It’s not as bad as some would think

Splashy headlines aside, it’s amazing the speed with which folks worldwide have collaborated in triage, controlling the spread, educating, damage control after the fact and so on in the physical realm. We’re good at working together to stop badness. Doesn’t matter the area of the world, good people working together can work miracles against the odds. We can overcome, it’s not as bad as you would think.

You can’t hide your head in the sand

It’s understandable why some folks would choose caution against potential physical infirmities, but we’re here at RSA anyway. Why? We’re optimistic that over-zealous panic will yield to calmer, more prepared minds. We can beat this by constructively engaging, and that’s what we’re doing here. Not careless, but thoughtful dialog wins the day.

We will learn something new

Better ways to protect, better ways to defend, better techniques, better understanding all around. Following a bad event is one of the best times to reflect on what went right and what could be better. These learning opportunities and feedback loops can be baked in to lessen the chances of a repeat. While there’s no such thing as a perfect defense, there are always a host of learning moments if we take them.

Our machines are getting better

Digital machines are getting better, faster, and more accurate at detecting, defending and triaging bad events. Mapping the worldwide telemetry of bad events by consuming mountains of data and coming up with educated predictions followed by feedback loops which tune the engine further have enormous benefit, starting with speed. Wrangled by humans, the machines can do the heavy lifting, repetitive jobs that keep us all safer.

No system is perfect. No bad event follows a linear progression, and the outlier events give cause for pause. Still, whether at RSA discussing digital events, or at a health facility somewhere working on the corona virus, our hats are off to you. We need you to continue helping to make us all safer.