Security Impact of Tech Bubble Burst

Are We Sitting On Another Technological Bubble?

There has been a buzz around Silicon Valley and beyond for the last year that we’re in the midst of another technological bubble. Respected and experienced investors have expressed concern about a “correction” in the technology sector, stressing that disorganization and poor investments by venture capitalists and “angel” investors will lead to a collapse not seen since the .com bubble burst in 2000. One of the loudest and most shared warnings came from billionaire investor and entrepreneur Mark Cuban, who warns that the technological bubble of today is worse than the 2000 bubble because of zero valuations and zero liquidity. In other words, investors engaged with private startups and crowdfunding efforts are unable to sell or convert any tangible assets to cash, essentially locking in their commitments with few alternatives in the event of a crash.

To give a better idea of the pace of growth and the number of venture capital (VC) backed firms, The Wall Street Journal has been tracking VC-backed companies valued at $1 billion or more since January 2014. The total number of firms valued at greater than $1 billion has more than doubled since January 2014, jumping from 42 to 99 companies valued between $1 and $46 billion.

Another differentiator in today’s technological bubble is that burn rates are extremely high for many startups and investors are jumping in at all stages to try to get a slice. Often, late-stage investors are jumping in with little research, not properly accounting for risk. Additionally, valuations of many startup tech companies are inflated and calculated from an idea, not a tangible product. This is nothing new, however, and the sheer number of tech startups is disrupting the balance of the industry and will inevitably tip the scales to normalization. This will result in an initial collapse of the tech sector, but a swift correction will likely result. If the tech bubble bursts, the pool of investors will shrink, resulting in more calculated risks being taken by fewer investors.

Some argue that a correction in the technological sector may not be all that bad when compared to the 2000 dot-com correction. Many businesses and startups are now much more agile and operate in a smaller footprint. Organizations are operating with leaner business models where inventory is not housed or even owned at large, on-site warehouses, and the bulk of the workforce are independent contractors. Additionally, better software, smarter business practices and diversified marketplaces will allow for a softer landing in the event of another tech bubble burst and normalization of the industry.

Tangential Effects

A tech bubble burst will have widespread implications throughout various business sectors, mergers and acquisitions, and education. If the tech bubble bursts, there is a potential that some corporate enterprise technology currently in use will quickly become unusable and obsolete. Many corporate enterprises utilize outsourced managed services, and some of these managed service providers are treading water in the venture capitalist pool. These providers are not operating at a profit, have low business acumen, have unsustainable burn rates, and have little liquidity to operate from. Many of these providers are able to undercut competitor pricing to meet investor growth demands and series funding requirements, while doing little to grow actual net income. The effects of this type of business practice on customers are twofold. First, some of these businesses are laser-focused on meeting funding requirements and place little importance on repeat business. Secondly, the stability of some of these VC-backed organizations is disrupted when investor demands are not met. This can ultimately affect customers of these managed service providers, disrupting business operations and processes.

What to look for when hiring a managed service provider

When seeking a service provider, look beyond just the services that are offered. Seek additional information about the business structure and culture of the provider you are hiring, to understand the agility of your providers and to determine a cultural fit as well. Additionally, seek professionals who have staying power in their given industry, with repeat customers who will proudly refer the service provider.

Seek a service provider that places an emphasis on ethics and character on equal footing with technical acumen. Many businesses hire managed service providers both as a cost-saving measure and for expert advice to fill organizational knowledge or capability gaps. If dealing with an unwitting client, a dishonest provider can up-charge and claim that many services are provided when in fact they do not have the capabilities or acumen. This practice is somewhat common, and can leave organizations even more vulnerable, because there is a presumption of competence as opposed to a clear understanding of which vulnerabilities need addressing.

Encrypted Malware Analysis


The analysis of encrypted malware utilizes traditional Dynamic Analysis, Active Memory Analysis and cutting-edge “Trace Analysis”, allowing for a more holistic approach towards malware analysis from three differing perspectives. All three “prongs” of this methodology involve the analysis of “Data In Execution”, which significantly reduces, and in some cases negates, the effectiveness of the anti-forensic techniques employed by malware authors attempting to implement countermeasures.

This multi-layered methodology has the benefit of targeting the weaker and less protected aspect of malware: its execution. It provides an analyst with multiple avenues for analysis which complement each other, and provides a means to analyze advanced malware which may employ defenses designed to obfuscate the binary and foil Static Analysis, in the form of packers, obfuscation or other encryption techniques. With the de-obfuscation of such techniques, the playing field has been leveled, allowing an analyst to become more effective. This paper provides a brief demonstration of this methodology and stands as an example of the benefit of this approach in identifying and analyzing malware which utilizes anti-forensic techniques, such as encryption.

Observational Malware Analysis


The idea and practice of encrypting or obfuscating malware has been around since the early to mid 1980s. Malware authors quickly realized that to be successful at introducing and spreading their creations, they would need to take steps not only to conceal the malware’s behavior, but also to inhibit the progress of those who would reverse engineer the capabilities of these new Cybersoldiers. The longer a malware sample can remain undetected and thwart reverse engineering, the longer it has to spread and complete its mission.

In order to identify and respond to advanced malware, the analyst must have the training and expertise to conduct surveillance on the malicious code. Surveillance on malicious code – Observational Malware Analysis (OMA) – provides a better understanding of malware capabilities, the mission of the attacker, and the effects on the company being targeted. An analyst armed with this methodology and skillset is a valuable resource to defend against today’s most advanced threats.

This paper serves as a high-level summary of a fully integrated forensic approach to identifying today’s advanced malware threats with higher confidence, better understanding, and in a more time-efficient manner. Much of the information mentioned in the article should be fairly well known to a reader who oversees incident response or forensics teams, and to those who perform such tasks as part of their work experience.