Taking a byte out of cyber threats

News: The cycle of cyber-attacks and the distrust will threaten the foundations of democratic society.

 The world was made aware of the threat posed by cyber weapons with the advent of the Stuxnet Worm in 2010. It resulted in damage to Iran’s centrifuge capabilities.

 In 2012, a bank of computers belonging to the Saudi Aramco Oil Company were targeted by Iranian operatives to wipe out data on 30,000 computers. Iran was also believed to have been behind a targeted attack on the Qatari natural gas company, RasGas.

The article says that there is a need to build resilience at both the technical and human level to deal with cyber-attacks.

Why there is need to change the response methodology?

One, a new era of potential vulnerabilities is coming. The years 2020 and 2021 were extremely difficult from the perspective of cyber-attacks, but no change in methodology have been seen.

Two, if prudent steps are not taken, then cyber-crime will become more profitable than the global trade of all major illegal drugs combined.

Three, cyber threat is likely to be the biggest concern for both companies and governments across the globe. Also, in the Information age, data is gold.

Four, the consequences of cyber-crimes can be more than the damage caused by COVID-19 pandemic or natural disasters.

How cybercrime is emerging as biggest threat?

First, the most targeted sectors are: health care, education and research, communications and governments. For instance, Health-care ransomware which leads to longer stays in hospitals, delays in procedures and tests resulting in an increase in patient mortality.

Two, it is very difficult to develop preventive and reactive strategies in an increasingly hyper-connected world. For instance, new attacks are taking place every 10 seconds.

Three, ransomware criminals are becoming more sophisticated and targeting large enterprises and even governments. For instance, emergence of ‘Ransomware as a Service’ (RaaS) for ransomware developers.

Four, the emergence of work from home during the pandemic has increased the pace of cyber-attacks. The tendency to put everything on the Cloud has potential to backfire, and the Dark web is allowing criminals to access even sensitive corporate networks.

Five, there is little clarity among experts about how to ensure protection from all-encompassing cyber-attacks. Solution such as SASE — Secure Access Service Edge — to reduce the risk of cyber-attacks, CASB — Cloud Access Security Broker and SWG (Secure Web Gateway) aimed at limiting the risks to users from web-based threats, are self-limiting.

Six, the cyber technology presents certain unique challenges which need particularized answers. Hence, the western approach of devising standard methodologies and certain international norms is misplaced. It is enabling cyber criminals to gain the upper hand.

What is the way forward?

First, nations and institutions should prioritize the defence of data above everything else. Law enforcement agencies should play a vital role in providing effective defence.

Second, to devise a strategy, understanding the nature of cyberspace is important. There is need to prioritise resilience through decentralised and dense networks, hybrid cloud structures, redundant applications and backup processes. Hence, planning and training for network failures is significant so that the network can adapt and continue to provide service.

Third, backup plans should be created about what should be online or digital and what needs to stay analog or physical. The network should survive even if one node is attacked.

Four, a detailed study of the series of low- and medium-level proactive cyber-attacks is needed. It will act as deterrent because cyber-attacks at small companies can also have huge external costs for national security. For example, SolarWinds attack.

Source: This post is based on the article “Taking a byte out of cyber threats” published in The Hindu on 12^th Feb 2022.