Sources

Insights into the Cyber Security Space

Technology has brought the world closer together, creating an interconnected global society; however, never before has society faced as great a risk as hacking. Cyber security refers to the measures taken to keep electronic information private and safe from damage or theft. Applying to software and hardware, as well as information on the Internet, cyber security can be used to protect everything from personal information to complex government systems. As the world is more reliant on computers than ever before, cyber security has become increasingly essential.

There are three main types of cyber attacks: Backdoor, Denial-of-service, Direct-access. Backdoor attacks exploit alternate methods of accessing a system that does not require the usual methods of authentication. Denial-of-service attacks prevent the rightful user from accessing the system. Direct-access attacks refer to viruses, which gain access to a system and then copy its information and modify the system.

Cyber-attacks are popular because they pose many advantages over traditional crime. They are inexpensive, as a multitude of malware tools can be purchased or downloaded online. They are easy, as even attackers with basic skills can impose significant damage. Cyber-attacks are also low risk, as hackers can evade detection and prosecution by hiding their tracks through a complex web of computers and exploiting gaps in domestic and international legal regimes. Cyber-attacks can also prove extremely lucrative, as a report by Symantec found that 64 percent of Americans are willing to pay a ransom, compared to 34 percent globally. The average ransom has increased by 266 percent since 2010, with criminals demanding an average of $1,077 per victim.

Hacking continues to augment both in damage and scale, as attacks target more valuable information and databases. In 2012, a joint US-Israel created a virus dubbed “Stuxnet”, launching a cyber-attack on Iran to undermine its nuclear enrichment facilities; the virus disabled 1,000 of Iran’s centrifuges at the time. In 2014, a Chinese hacking group penetrated the computer networks of major US companies such as Westinghouse and US Steel in order to steal trade secrets. In 2016, Russian government hackers allegedly gained access to Democratic National Committee computer networks, stole sensitive information, and systematically leaked it in an effort to damage Hillary Clinton’s presidential campaign. In March 2017, over 300,000 computers in 150 countries were infected by a malicious ransomware attack dubbed “WannaCry”. A few months later, another ransomware cyber-attack named “Petya” caused widespread data operational issues at a number of large companies and hospital systems.

Cyber-attacks are on the rise globally, as value continues to migrate online and digital data has become more widespread. Cyber security Ventures reports that the global cyber security market was worth $3.5 billion in 2004, and in 2017 it is estimated to be worth more than $120 billion. The cyber security market grew by roughly 35-fold over 13 years, driven by unprecedented cyber-criminal activity. According to a study by McMaster University, 1.7 million Canadians were victims of identity theft in 2011 and the annual cost of identity theft in Canada has been estimated at nearly $1.9 billion. It has been estimated that in 2015, 86% of large Canadian organizations had suffered a cyber-attack. Reports from Canada and across the world confirm that cyber-attacks have succeeded in stealing industrial and state secrets, private data and other valuable information.

In 2016, the most effective bank robbers were armed with computers, not guns; billions of dollars were stolen in virtual attacks. While some of these heists were the work of organized cybercriminal gangs like Odinaff, for the first time, nation states appear to be involved as well. Symantec reported that North Korea has attacked banks in Bangladesh, Vietnam, Ecuador, and Poland, stealing at least $94 million USD. Cyber-crime is now a $445 billion business. The average company handles a bombardment of 200,000 security events per day, yet businesses do not view cyber security as a primary concern. Cyber security in the corporate world goes unappreciated and underfunded, as a 2011 study by The Ponemon Institute found that 73 percent of companies surveyed had been hacked, but 88 percent of them spent more money on coffee than on securing their Web applications. Cybercriminals are becoming increasingly more organized and aggressive; governments and corporations must take proactive measures to ensure national and corporate security.

Similar to bacteria developing drug resistance to antibiotics, cyber viruses and malicious code are continually evolving to evade cyber security defenses and antivirus software. The evolution of cyber-attack tools and techniques has accelerated dangerously in the recent past. In order to be effective, cyber security measures must constantly adjust to new technologies and developments. Hackers consistently adapt their methods to new forms of cyber security thus rendering it ineffective, therefore cyber security programs must stay one step ahead at all times.

However, cyber security is more challenging than one may expect. The primary issue is the sheer volume of the Internet of Things; some experts predict that by 2020, there will be 200 billion connected things. Cars, planes, homes, and cities are all being connected; it is almost impossible to ensure that each of the connected outlets is completely secure. There are also different rules in cyber space, as concepts like distance, borders, and proximity all operate differently, which has profound implications for security. Cyber threats can come from anywhere at any time, as everyone’s network is directly at the border. The chart below depicts how attacks have continued to rise year over year, becoming an increasingly greater threat to governments, corporations, and individuals. It is also difficult to implement stringent cyber security measures without influencing the customer experience, as one cannot block cyber criminals out of businesses without impacting the consumer’s ability to reach business directly.

In order to face the growing cyber threat of hacking from individuals, groups, AI, and nation states, a partnership must form between the private and public sectors. Private firms typically know more than outsiders, including the government, about the architecture of their systems, thus they often are in a better position to know about weaknesses that intruders might exploit. The private sector thus has a comparative advantage at identifying cyber-vulnerabilities. On the other hand, the government’s highly skilled intelligence agencies typically know more than the private sector about malware used by foreign governments and how to defeat it.

One scenario could be that private firms might be asked to provide a baseline level of cyber security that is capable of thwarting intrusions by adversaries of low to medium sophistication. The government would assume responsibility for defending public utilities and other sensitive enterprises against catastrophic attacks by foreign militaries and other highly sophisticated adversaries. This arrangement is consistent with the respective roles during World War II. Similar to how factories were not expected to install anti-aircraft batteries to defend themselves against Luftwaffe bombers, we should not expect power plants to defend themselves against foreign governments’ cyber-attacks. This dynamic has already begun to form, as the o National Security Agency (NSA) is reportedly providing malware signature files to Google and certain banks in order to help them detect sophisticated intrusions into their systems.

The rise of AI-enabled cyber-attacks is expected to cause an explosion of network penetrations, personal data thefts, and an unprecedented spread of intelligent computer viruses. Ironically, our best hope to defend against AI-enabled hacking is by using AI. AI can be a valuable ally when it comes to defending against hackers. AI can be trained to constantly learn patterns in order to identify any deviation in it, much like a human does. Cyber security AI learns and understands normal user behavior and can identify even the slightest variation from that pattern, such as if an employee logs in from New York when the office is in Texas. AI, unlike a human, can handle great quantities and complex series of information quickly, effortlessly, and on a 24/7/365 basis. AI looks for behavioral abnormalities that hackers are bound to display such as the way a password is typed or where the user is logging in. AI can detect these small signs that otherwise might have otherwise gone unnoticed and halt the hacker before any data is stolen.

As AI begins to dominate the cyber defense space, humans will take more of a supervision role. AI-based attacks will be able to operate completely independently, adapt, make decisions on their own and more. Security companies will counter this by developing and deploying AI-based defensive systems, humans will simply supervise the process.

The cyber security landscape is certain to drastically change in the coming years, with that comes the emergence of new technologies and security strategies.

Cyber security is witnessing a shift toward context-aware behavioral analytics, which uses sophisticated behavioral analytics to monitor and identify suspicious behavior or transactions. This allows technology to become more adept at detecting intruders, adding contextual analysis beyond the login. A popular example is Bio printing, using markers such as how hard or fast an employee types or how they typically use a mouse are taken into consideration. Another example would be Mobile Location Tracking, determining if a login occurs in an unfamiliar location can help prevent wrongful logins.

As cyber criminals are becoming increasingly aggressive, Active Defense Measures (ADMs) begin to take rise, fighting fire with the proverbial fire. ADMs use techniques that can stop, track, and counter attack hackers.

Honeypots, for example, take the bait and trap approach. A honeypot is an isolated computer or network site that is set up to attract hackers. Cyber security analysts use honeypots to research evolving tactics, prevent attacks and catch intruders. An ethical debate exists around the concept of counter hacking, as there is a risk of taking down innocent third-party infrastructures or instigating a hack war, however, this idea has gained traction in recent years. According to Edward Snowden, the NSA has been working on an automated program called ‘Monstermind’ that would use algorithms to search repositories of metadata and identify and block malicious network traffic. It could also potentially strike back at the server launching the attacks.

Imagine stopping an attack before it even occurs, sounds like science fiction, right? Although still in its infancy, software developers are working to create algorithms that can determine which sites and servers will be hacked in the future. The idea is built on the premise that vulnerable websites share similar characteristics such as software, traffic statistics, and web page structure. Using machine learning and data mining techniques, researchers at Carnegie Mellon created an algorithm that predicts which web servers are most likely to become malicious in the future. Over a one-year period, their algorithm was able to predict 66% of future hacks with a false positive rate of 17%. Their code is also designed to adapt to emerging threats. As it absorbs more and more data, it should be able to improve its accuracy.

As the world moves toward greater connectivity and reliance on technology, cyber security’s role on the individual, corporate, and government level will become increasingly essential. As the world becomes increasingly connected, it becomes increasingly vulnerable. Cars have been hacked, U.S. smart home alarm systems have been hacked, implantable medical devices like pacemakers have been hacked, plane systems have been hacked, critical infrastructure like a power grid and a dam were hacked, mobile banking apps have been hacked, smart city technology has also been hacked. This industry will continue to rapidly evolve and expand, requiring a shift in the way governments, businesses, and individuals view cyber security. The cyber security industry will continue to witness greater investment as it becomes an increasingly essential aspect of business. A Cybersecurity Ventures report predicts that global spending on cyber security products and services will exceed $1 trillion cumulatively over the next five years, from 2017 to 2022. The human factor is and remains, for both IT professionals and the end user, the weakest link in relation to security. Cyber security technologies will continue to require less human intervention and incorporate more machine learning. AI, machine learning, and enhanced defense technologies will continue to evolve and transform the cyber security space. Expect to see customized cyber security solutions, shifting away from the traditional one size fits all security paradigm.

Related posts:

In 2017 Sidler introduced new customizable cabinet with add-ons. We were building a web-based configuration tool for that product. We’ve decided to go with drag and drop interface, also we wanted…