“The cyber world is now as vast as the real world and issues related to cyber security encompass the components of globalisation, communication, cost effectiveness and our very way of life,” says Sanjay Sahay, Additional Director General of Police, Government of Karnataka
During the last four decades, the Internet has grown by leaps and bounds. From the first email in 1971 to a whopping 40 trillion emails at present. From one website in 1991 to staggering 30 trillion individual web pages at present. Today we have the reached the stage where Internet of Things (IoT) is taking root. IoT is adding a new all pervasive dimension to the cyber world— we have 8.7 billion devices connected to the Internet and by 2020, the number of net connected devices will reach 40 billion. We are fast approaching a world where the real life is essentially being led online.
In 2008, Pentagon defined cyber space as the global domain where the information environment consists of interdependent network of information technology infrastructures, including the Internet, telecommunications networks, computer systems and embedded processors and controllers. The demand from this system is availability, integrity and confidentiality on a fail-safe basis with an inbuilt resilience. The system should be able to tackle any disaster, natural or manmade, so that the businesses remain functional.
The problem with cyber space is that its building blocks were not created while keeping the aspect of security in mind. That is why there are many vulnerabilities that the hackers are able to exploit. 97% of the Fortune 500 companies have been hacked. The sophistication of the attacks is going up constantly and today we are having threats like Stuxnet. The complexity gets confounded as the myriad good, bad and the ugly players happen to be using the same technological platform.
Present Scenario
Recently Julian Assange shook the world through leaks of official documents / communication / diplomatic cables on Wikileaks. Assange says, “You have to start with the truth. The truth is the only way we can get anywhere.” Edward Snowden wanted to expose the duplicity of the superpower game and so did Bradley Manning. It was simply beyond their capacity to digest what came to their notice in their official capacity. The leak was technically avoidable. Whatever hue to which hacker may belong, there is no disagreement that he leads the way, the corporations and governments are forced to play the catch up game.
The general misconception that cyber crime is another variant of crime does not hold good. As in normal classification of crime, from pickpocketing to murder for gain to organised crime to terrorism, cyber crime has in its fold not just the microcosm of the world, but the world itself. From money laundering to medical insurance to providing public platform for ISIS, lot needs to be done to classify these crimes from the techno-legal angle, leave aside providing an effective legal framework and stringent enforcement of the same.
We are also seeing a kind of weirdness to the cyber security issues—the hackers group Anonymous has taken the responsibility of policing ISIS on the internet and has been successful in disabling hundreds of Twitter accounts belonging to it. The government is completely at a loss in devising methods to deal with this monster which is successfully using internet for wrecking havoc on businesses, government departments, institutions, etc. In case of the high-profile Sony breach, fingers have also been pointed towards rogue states like North Korea. But we are yet to have any conclusive evidence.
There is a huge underground economy that thrives in the digital world. The public web displays only 4% of the web content and there is the deep web, which comprises of the rest 96%. It is on the “deep websites,” protected by passwords, that we have data running to the tune of 7.9 zettabytes. Underground cyber crime enterprises are running their businesses in full swing, providing all kinds of information and services for the right price.
Nature of Attacks
The nature of the attacks depend on the tools used and the intensity and precision. Collaborative efforts leads to even more damaging consequences. The nature of collaboration inclusive of the one adopted by Anonymous makes it near impossible to crack. The common threats to internal systems and online channels are social engineering (phishing) vulnerability exploit, malware infection leading to fraud scheme execution and consequent money loss, data exfiltration and consequent enterprise breach.
Every company in the world is being hit by viruses, worms and trojans. Malware, botnets, web based attacks, denial of service, malicious code, phishing and stolen devices add to the woes. Source code, which is at the root of malicious code, is generally free and available to anyone through well-known kits posted on underground forums. Zero day or a vulnerability being exposed for the first time is the prize catch for the hackers and is being sold for a price and for lots of other purposes. McAfee’s Malware Zoo in undoubtedly the world largest with 110 million species.
Many hackers are in this trade and they deploy a variety of extremely sophisticated methodologies. Groups like Anonymous have targeted government organisations and businesses in the past, but now they are engaged in the cyber war with ISIS, the mostly deadly terror group in the world.
The Critical Factors
The foregoing discussion might give a feeling that technological issues must have technological answers. But there is also a human angle to these cyber security challenges. The truth is that majority of the security breaches occur due to human intent or error. In fact, the human factor accounts for approximately 80% of the breaches.
Building a risk-aware culture, of zero tolerance with management pushing change relentlessly from very top down, while also implementing tools to track progress can be an extremely good initiation point. Managing incidents and responding in a professionally matured manner, contextually, through a company-wide effort to implement intelligent analytics and automated response capabilities is essential.
Where do we start? The key step that must be taken to address the vulnerabilities must include—the building of a risk free culture, automating security hygiene and managing incidents with intelligence and protecting the network and end points. The top 5 reasons why attacks are possible pertaining to system hygiene or user knowledge are 1) end users don’t think before clicking, 2) weak password/default password in use, 3) insecure configuration, 4) use of legacy or un-patched hardware or software and 5) lack of basic network security protection/segmentation.
In today’s knowledge driven world, technology is all set to become the mankind’s DNA. We definitely need out of the box thinking to address today’s cyber security challenges. We have to keep in mind that the transformational changes always demand transformational answers.
