Your Technology Needs to be More Radical than Your Cyber-Attacker’s
There is no doubt that the world has become completely digitized. Virtually every facet of our lives is impacted by internet technology: social media, digitized data, artificial intelligence, smart homes. You name it, the internet dominates the world.
Digital Is Great, but the Risks of Data Breaches Have Multiplied
Digital data has revolutionized the way business is conducted today. The benefits are enormous. And so are the risks. While digital platform developers are working diligently to improve the world for consumers, hackers are working diligently to steal crucial business data for personal gain. A mere glance at the news reveals that every business sector has been impacted by cyber crime. Not only are the economic disruptions staggering, but the risk of personal financial harm is significant. Recently, for instance, it was reported that FedEx fell victim to a cyber attack, resulting in a significant impact on its worldwide operations. Protecting the cyber borders of data is more important than ever.
Cyber Criminals are Patient
Cyber criminals are primarily interested in extracting data from company servers, with the aim of disrupting operations. This requires companies to rethink their cyber security strategies, to focus instead on the “cyber supply chain.” Hackers have become very adept at sneaking into the system and slowly stealing data for months before they are detected. Cyber security professionals, therefore, need to focus their attention on both inbound and outbound traffic.
Organizations are not Paying Enough Attention to the Risks
In spite of the vulnerabilities and increased incidents of breaches, response and recovery of data continue to be the weak link in corporations today. Organizations should conduct cyber security emergency drills, similar to the national emergency drills conducted by the government, in order to remain alert and abreast of the newest cyber terrorist strategies. Artificial intelligence is assuredly the next frontier, but the success of any cyber security strategy relies on vigilant and skilled people. A strong cyber defense system requires a team effort, constant attention, and a continuous assessment of and response to threats coming from all sources.
A little while ago, I wrote on this blog about the threat that the form of malware known as Ransomware poses to our online security. Now I want to focus on the particular threat that Ransomware poses to universities.
I’m thinking of a recent case in which one prominent university fell victim to this menace, with worrying results. When the Ransomware infection hit the university in question, it locked down exam results shortly before they were due to be announced. No decrypter could be found for the specific infection, but the university had, fortunately, digitally backed up all of its exam results by recording them on Excel spreadsheets. This allowed the administration to painstakingly reconstruct the locked-down results, but the announcement of those results was delayed for almost one month.
Backing up or Backing Down?
Depending on I.T. and administrative procedures, the consequences of Ransomware attacks can vary widely from one university to another. A recent attack on the University of Calgary in Alberta, for example, compelled that institution’s authorities to pay a ransom of $20,000 to have their computer system files decrypted. The ransom had to be paid, simply because the university had failed to properly back up its data. This must be one of the most expensive lessons ever learned at any university.
Securing the University in a Risky Environment
Unfortunately, the bigger picture is worrying. Ransomware threats are constantly increasing in number and becoming ever more sophisticated. What should our universities do to avoid getting “system infected” warnings due to Ransomware activity? One highly recommended precaution is to use automated and isolated backup mechanisms, together with an Intrusion Detection System (IDS) both at network level and for critical assets. An IDS is a powerful resource in the battle against Ransomware, because it provides specific insights into any potential threat. The AlienVault Unified Security Management (USM) platform may be especially desirable, because it has a built-in IDS with SIEM (security information and event management) and real-time threat intelligence. Both of these features can help in the rapid detection of Ransomware and other threats.
With increased connectivity, the real world and the digital world are becoming intrinsically connected. The Internet of Things is growing exponentially and more and more devices in offices, on roads and in homes form part of this interconnected network. Cars are propelled without people at the wheel, big data is no longer just tech jargon, and it is becoming simpler to track mobile phones, cars, and even people remotely. While this is an exciting time for technological growth, these incredible developments also have a downside. One of the biggest drawbacks to global tech progress is that third parties now have unparalleled access to private information, which is ostensibly securely stored online. This creates various cyber vulnerabilities to businesses and individuals that are unfortunately mostly ignored.
After hackers penetrated hackable software in Chrysler’s database, 1.4 million vehicles had to be recalled, resulting in massive losses. Digital spies are exploiting trust relationships for financial or political gain.
Bank application personal details
Corporate companies have insane levels of access to consumers’ digital movements and personal information. These examples draw a rather bleak picture – and this is only the tip of the iceberg in our increasingly connected world. Research is being conducted to identify and assess potential threats, and to formulate solutions. Some of the findings were:
- The movements and habits of online users are being tracked without their consent
- Even when users are aware of this and take steps, pattern-matching algorithms still keep track of their movements
- Options to limit data infringements are limited
- There is a mammoth lack of digital privacy in the world
- The need to address data privacy problems is increasing
Cyber Safety Options for Consumers and Companies
Once a consumer opts in to an affiliation, there is little they can do to secure their personal data, but the following protective measures are advised:
- Download reputable software for blocking and deleting cookies
- Avoid downloading unnecessary apps
- Use strong passwords and do not repeat the same password
Unfortunately, the risks are higher for companies and maintaining cyber safety is far more complicated. It is highly recommended that companies approach a cyber-safety professional to implement preventative measures and to deal with threats.
An International Issue
While the security of a country is its own responsibility, the digital world stretches across the globe and it is not always possible to determine whose responsibility digital safety is. It is interesting to note that there is a significant lack of experts in the field of cyber security, despite the upsurge in digital tech. Research has revealed that at least a million skilled workers are needed to ensure the digital safety of companies around the world. One sector that has taken off recently is cyber insurance. Unfortunately it is not without issues. Policies are not providing protection to policy-holders for reasonable data protection and are rife with exceptions. The reality that has not yet sunk in is that the economy will be affected if measures are not taken to deter cybercrime. The first step for companies and consumers alike is to start gathering knowledge. Without revealing the cause, a problem cannot be properly addressed. The only way forward is to harness information to explore potential solutions to this major threat.
How worried should we be about the threats posed to our homes and incomes by the new kind of computer virus known as “ransomware”? The recent, very high-profile series of attacks in which over 150 different countries were targeted by the form of the ransomware virus known as “WannaCry” has made this question seem very urgent indeed. Essentially, these attacks have made us far more conscious of how much we are at risk from the nefarious activities of cyber criminals. According to some, the WannaCry attacks may even mark the start of a whole new era, one in which hackers have become dangerously adept in the art of finding vulnerabilities in our online security systems. New levels of interconnection mean that we need to be more aware of our cyber security needs and ready to apply all necessary measures quickly and effectively.
Cyber Security and Its Future
When certain Microsoft Windows operating systems were hit by the recent wave of WannaCry attacks, users found that ransomware had been downloaded onto their computers and that this malicious software was preventing them from accessing their computer systems. The cyber criminals responsible for these attacks instructed their victims that they would have to pay via the cryptocurrency known as Bitcoin if they wanted to regain access to their computer systems. Microsoft spokespersons were keen to say that the U.S. government was to blame for these failures of cyber security, but others point out that, with its commercially driven software updates, Microsoft itself helped to create the vulnerabilities that the cyber criminals exploited.
The ransomware attacks raise profound questions. Will cyber insurance become a big business? If so, how is it even possible to assess the financial value of data? Will governments now have to provide funding to defend their citizens against cyber criminality?
Over half of all organizations assume that their IT networks have been penetrated, or will be in the future. The number of IT professionals admitting that they really don’t have complete control over sensitive systems and data is increasing each year.
The First Line of Defense Has Already Fallen
Perimeter detection is the first line of defense against any attack, whether it be physical (think of an alarm going off when security in your home is breached) or an ATM blocking your bank card if there have been too many incorrect PIN entries. The issue currently facing many IT experts, security analysts and information security professionals is that there has previously been an overreliance on perimeter detection as the ONLY line of defense. Not only are cyber-attacks completely bypassing perimeter detection (a recent survey reported that up to 30% of all security breaches never triggered the virtual alarms), but preventative discovery is close to non-existent in many organizations.
What is even more alarming is what happens after a security breach.
The speed with which an organization reacts after a breach is vital not only in securing sensitive information but also in examining and investigating exactly what happened, finding the compromised end-points and determining the full data risk impact as fast as possible. The problem is that most organizations are reactive instead of proactively aggressive in their search for potential threats at all times. In the same survey, it was noted that up to 25% of IT security professionals were notified of data breaches and cyber-attacks by a third party. By then it could be too late.
Yes, figuring out what happened after the fact is essential. Creating a secure environment that STOPS attacks is even more vital. To do that, security professionals need to be vigilant, proactive and relentless in their hunt for cyber threats before they become cyber casualties of war.