Cybersecurity risks in the unlimited world?
No one would argue that security should not be a priority for most businesses. It’s hard to retain much privacy in the digital age, where the internet is nearly limitless and growing every day. We are placing tons of personal data onto it. Consider this: did you check who would have access to your personal data when you were signing up for a new online platform? Most of my respondents answered “no”. Did you just say the same? Are you curious about how cybersecurity works and how to protect yourself against a cyberattack? Let’s get started then.
The dark age is coming. This stylish expression comes to my mind when I read news about cyberattacks on strategic national facilities such as airports or power plants. In early 2018, a hacker group called “Massive Cyber” performed a massive attack against an internet service provider in Russia and Iran, compromising more than 200,000 Cisco devices. The aftermath was costly. According to reports, the hackers admitted that they had scanned many countries, including the US, UK and Canada, but decided to attack only servers located in those two countries, for unknown reasons. Cyberattacks on big and, even more often, small businesses continue to rise. Now it’s not just IT companies and governments that are under fire. It’s also startups and small businesses of all stripes. Hackers exploit the knowledge that those businesses tend to have much lower defenses than larger companies, usually because of a lack of financial and human resources. Sometimes this pushes many entrepreneurs to the verge of bankruptcy.
In the IT world, there are two main terms describing people who try to get unauthorized access to an organization’s network. A cracker is a person who seeks to breach defenses and exploit weaknesses in a computer system or network[1]. The opposite of a cracker is a script kiddie[2] (also known as a script bunny or skiddie). It’s a pejorative term for an unskilled hacker who relies on third-party scripts or programs to launch a cyberattack.
However, there are several problems with the way we think about security, and crackers can exploit them easily today. Computer systems, smartphones and cloud systems are highly complex internally and have a large and growing number of connections to the outside world. The complexity within those systems and the number of connections break down the main security barriers, creating more and more network bridges. All of this opens more gates through the wall (a firewall, for instance), creating new ways into our personal networks and electronic devices. For instance, our operating system runs more and more background tasks, and more of those tasks are connected to the Internet and the cloud, exchanging our data. The more connections there are, the higher the probability that at least one of them has weaker security. At the same time, the volume and speed at which data crosses organizations and external networks continue to accelerate, making it difficult to keep attacks far away from the central system.
What we need in cybersecurity is not a simple firewall, but an immune system imitating the human immune response. Literally, a machine taking a more active part in its own protection (said Bruce McConnell, U.S. Department of Homeland Security). On today’s networks, the time from the start of one data packet on the cable to the start of the next one can be as little as 6.7 nanoseconds (the company Alcatel-Lucent claimed recently that they set a new fiber optic world record with an amazing 31 Tbit/s data transfer over a single cable). This makes it impossible to do any kind of analysis of data being transferred in real time. Consequently, it is difficult to prevent malware from entering our core business systems.
History of cyberattacks
Over the course of our entire history, the distribution of power has fluctuated between the attacker and the defender. Biological, political, economic and cyber warfare are growing in complexity and gradually adapting their means of attack. A battlefield surrounded by different fortifications, both natural and man-made, is being replaced by online platforms. The Oxford English Dictionary defines cyber warfare as “the use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes”. The biggest issue with cyber warfare is that it’s very often extremely difficult to figure out who launched the attack. Of course, national organizations can use some advanced technologies to uncover which hacker group has been responsible for an attack, but it’s very easy to mask (hide) one’s identity online. According to the Ponemon Institute[3] (an independent research institute on privacy, data protection and information security policy), the global average cost of a data breach is $3.86 million, up 6.4 percent over the previous year. And the scope of cyberattacks is expected to escalate further. The average cost for each lost or stolen record containing sensitive information is $148, and that figure is increasing by 4.8 percent yearly.
Cyberattacks are definitely evolving into smarter and more unforgiving incidents. They are forcing organizations to adopt a three-part defense mechanism: prevent, detect and respond. Many corporations around the world have been doing research into the vulnerability of their company infrastructure and network to cyberattacks. As a result, in many cases the prevention and detection solutions deployed by those companies were not good enough, revealing many security gaps. Today, the existing security model in companies is focused on preventing the cyberattack before it happens. In consequence, the security framework is being updated and improved on a daily basis. A few years ago, the former FBI Director Robert S. Mueller (2001–2013[4]) said: “I am convinced that there are only two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again.” Hacker groups are growing rapidly, mainly in countries such as Russia, Iran, China, and North Korea, staying behind the scenes for long periods within a system to analyze data flows and potential targets. Then they begin downloading sensitive data or damaging the system. Every month, new alerts and notifications appear about the next hacker attack. As usual, the scenario repeats itself. A group of hackers attacks many government entities and domestic companies, mainly in the energy, nuclear, commercial and critical manufacturing sectors, trying to cause physical damage. For instance, according to a report published by MIT called “The future of the electric grid”[5], achieving full protection of a national grid system will never be possible. The only way to protect the grid is to prepare the system to respond and to reduce the potential impact of those attacks as much as possible.
In addition, it is not only physical infrastructure that needs to be secured but also other technologies, such as the cloud technology used widely in digital businesses.
Cloud technology
The trend of moving business processes to the cloud is a good example of how the core business of the technology sector (data sharing technology) is secured. From the beginning, the main premise of cloud technologies was that they were supposed to simplify things for enterprises. If a development engineer wanted to test a new application which needed to be separated from the production environment, he was able to test the application in the cloud. Currently, cloud is an emerging high tech solution which combines the features of traditional computing technology with network technology. One of the downsides of cloud technology is the fact that operating systems are exposed through the cloud technology at some points. That’s why the cloud is susceptible to many privacy and security attacks. As we know, the digital world has been built around a customer or end user. The user is given the tools to choose what level of engagement with a supplier (Google, Facebook) they prefer and what data will be shared with the world. Ultimately, users receive full power over their own security even though they are the weakest link in the security cycle for many IT companies (most cyberattacks happen because of a user mistake). The rise of mobility and a distributed workforce are the drivers of cloud technology. Securing new technologies requires an understanding of how the technology actually works. A CSO (chief security officer), recognized in many companies as a person who is in charge of an IT department, should be able to make strategic decisions regarding the minimum level of security for each communication channel available for customers.
Cloud architecture is classified into three delivery models, namely software as a service (SaaS), platform as a service (PaaS) and infrastructure as a service (IaaS). With software as a service, a user accesses the software using a standard web browser over the Internet. Google or Salesforce offer many of these solutions to their customers. It’s mainly used for business processes and industry applications provided to customers on demand. Infrastructure as a service is also called hardware as a service. A customer receives access to dedicated IT resources without the need to invest money into managing or building information systems inside the organization. Finally, the third type is platform as a service, where a user uses a platform for developing, testing, deploying and hosting web applications. It’s mainly about deploying the customers’ applications to the cloud.
Capabilities, control, and costs are the key factors in enterprises’ decisions on where to develop new applications and whether to migrate their applications between public and private infrastructure. A hybrid cloud can be an alternative model which can meet those requirements. So what does the hybrid cloud mean? It’s a composition of two or more distinct cloud infrastructures, public or private (including community), that remain unique entities but are bound together by standardized technology. In short, it means managing a public and a private cloud as one, where sensitive data is saved in a private cloud and other data is shared using a public cloud. According to statistics, hybrid cloud adoption grew 3 times last year. What is more, cloud technology created a new trend in the entire industry. Many international organizations have actively started using containers. Container technology offers an alternative method for virtualization in which a single operating system on a host can run many different applications from the cloud. By containerizing the application platform, its dependencies are eliminated.
Security transformation trends
Australia (33%) and Canada (32%) are global leaders in public cloud adoption, with Saudi Arabia (30%) and the United Arab Emirates (30%) leading in private cloud. The elements which are used to describe the security transformation (business framework, user behavior) can also be used to understand the need for having a secured system or platform. Hopefully, the top security trends can serve as a compass of sorts for companies looking to move their business forward. The most challenging issue facing business is how to protect the most important business assets (corporate financial information, customer information, brand reputation, and R&D) against a security breach. Managing multiple interdependencies among the technologies with the biggest security implications (public cloud software, big data applications, mobile business applications, and hybrid clouds) could be an amazing way to address modern cybersecurity challenges and create opportunities to beat the competition by offering better-secured services. Unfortunately, in an era of innovative technology and upheaval, many roadblocks still keep business away from creating a culture of cybersecurity for all shareholders. That’s why more and more companies devote more personnel and technology to ensure they are never breached, combine security and operations personnel into teams which are dedicated to specific mission-critical applications, or assign line business development teams which are focused on protecting critical business assets. Those are some of the best ways to maximize the impact of new investments on a company. What is more, many executives (boards of management) agree that assigning available human resources to critical assets could also be a good alternative for a business.
International companies are also creating modern security strategies where swift, efficient and highly refined business processes can stop a security incident from starting or escalating across an organization. Expanded and continuous training is one of the best ways to develop this culture of security. In fact, enterprises invest money and evaluate the skills of IT and security staff to identify gaps and then make necessary adjustments by organizing additional training or employing new security officers. According to McKinsey & Company research, large companies report cross-business-unit gaps where the connectivity between subsidiaries creates a potential backdoor for cyberattacks. Trust among business stakeholders, individuals in the business units as well as in the IT organization can also be difficult to create and maintain because those groups sometimes work at cross purposes. Overall, seeing the big picture of the organization can be the first step to improving internal security culture. However, neither side can afford to battle cyberattacks on its own. Companies need to cooperate with each other and involve governmental agencies, which can be facilitators of cybersecurity investigations. What is more, technology alone cannot hold cyberattackers at bay. A business culture of trust is also important for a corporate cybersecurity initiative.
Summary
Over the past few years or so, the security level of products available for individuals and enterprises has changed a lot. The security strategy should evolve to address new risks that are specific to new technologies, including cloud technology. However, everyone is at a different place when it comes to security. Individuals have to care about passwords, PINs, social accounts, emails, mobiles and the remaining devices connected to the world wide web. Enterprises are additionally responsible for the infrastructure. The stark fact is that network security will not be 100 percent effective all of the time. Enterprises need to determine where public, private or public-private (hybrid) clouds best fit within their technologies and company strategy. The importance of the hybrid cloud is going to grow as businesses increase their use of both on-premises (private) and public cloud services. Overall, most information technology suppliers are transferring their applications to a cloud where customers use them over the Internet.
But tellingly, network security and data protection are two of the most challenging issues which have to be addressed correctly. Holistic systems can be a solution to win this battle. The closer the cooperation between corporations and national governments, the higher the chance of defeating hacker groups. Incorporating artificial intelligence into security systems could be another example of how to protect organization systems effectively. The inability to protect data in the cloud is also a direct outcome of complicating the thought process behind cloud security. In fact, cloud providers prefer to let their customers take responsibility for all safety issues.
Hackers rely on their security penetration skills and human error. Most cyberattacks in 2017 relied on interaction with an end user. Every organization is aware of the risk of human error and invests a lot of money into preventive actions such as security workshops or security training. Reports prepared by Boston Consulting Group indicate that not all employees realize how dangerous human error can be for an organization’s network. Because of errors made purely by users, e.g. inadvertently sending data out, technologies exist on the market to help companies block external factors that target individual users.
Cloud computing will be crucial to the future of global society. It’s often said that any successful organization has to focus on people, business processes, technology, and customers in equal measure. Security should also be added to this list. This way, employees and organizations are better prepared to respond effectively to cyberattacks, creating a new organization style called cybersafety.
Written by Lukasz Kudlak