CYBERSECURITY TRENDS
While cybercrime grows at an exponential rate, cybersecurity is still a fledgeling field of study. With not much literature available and cyber attacks increasing in frequency, updating ourselves has now become more important than ever. Cybersecurity is an evolving discipline, which makes cybersecurity research crucial. One may even lose track of time dissecting, analyzing and evaluating cyber attacks. Although cybersecurity might not seem an appealing career choice, it is most definitely one of the most engaging and relevant professions. Cybersecurity professionals must keep abreast of the latest developments in the field. Their bank of knowledge is constantly revised and updated. To thwart the attempts by cybercriminals to attack networks, keeping abreast of cybersecurity trends is vital. The year of 2020 welcomed the following trends.
Neglectful access to personal information- Personal data protection is now very challenging. There is very little transparency in securing and processing data that can be used to gain an accurate picture of an individual’s interests and behaviour. Most applications that we use so callously track all our activities. Internet cookies that are stored on the user’s web browser are used to track his/her interests. However, this raises pertinent security and privacy concerns for the users. Having digital eyes monitor and trail us appears to curtail freedom.
Inter-connected smart devices– When humans try to impart some of their smartness to technological devices, smart devices are born. Smart electronics are vulnerable to being targeted by cybercriminals since the Internet of Things which facilitates data sharing and seamless integration also facilitates cybercrime. Since the devices share all information, hacking a single device provides access to the information available across all other devices.
Vulnerabilities in real-time operating systems-Internet of Things devices run the risk of remote code execution (RCE) attacks. This is a major challenge as it is often deeply entrenched in a large number of devices. Organizations may not even notice these, which is why installing the latest security updates may no longer be effective.
Smart supply chains– A smart supply chain is a self-optimizing and self-organizing system. It uses the Internet of Things for virtual warehousing and streamlining the variables in the system. Although they are highly efficient and self-sufficient, they are also susceptible to cyber attacks that may compromise much of the integrated information.
Biometric identification-With biometric authentication becoming increasingly popular among organizations, there also appears to be an unfounded complacency in the same regard. While biometric authentication is one of the most secure authorization systems, attackers continue to seek access to the information protected with the fingerprints. Biometric authentication does not guarantee ultimate security. Biometric data must be encrypted so that the assets behind the authentication are secure.
Election security-Election security is a hot topic for debate in democracies the world over. The focus of this discussion appears to be on disinformation campaigns, but, cyberattacks will evolve to have a broader disruption theme that goes beyond media. Attackers have exhibited skill at disrupting democracy. There is no guarantee that an attacker who can stall public transport networks will not attack the voter registration database. An attack on the core infrastructure has the potential to shut down the entire electrical grid. This may hinder the ability of the voting system to operate consistently with trust and reliability.
It is widely acknowledged that 2020 has been a rough ride and it appears as if this trend will seep into the cyberspace. Cybersecurity companies never fail to surprise as they attempt to come up with their coping mechanisms. When big giants like Adobe and LinkedIn have fallen prey, we must guard our data more zealously.
CYBER WARFARE
The definition of the word ‘war’ has undergone a massive change. Countries need to be armed with technological ammunition as much as rifles and grenades. Countries need their digital soldiers as much as cavalry and infantry.
The brewing tension between countries increases the threat of cyber warfare. Although lives aren’t lost and guns aren’t fired, the damage that occurs is unfathomable and irreparable.
Cyberwarfare is a real threat. There are concerted cyber attacks regularly against government organisations. There has been enough media coverage that reports that Russia and China are developing cyber weapons. USA, France and Israel are equally active in this endeavour. But we needn’t feel threatened for we don’t know for sure if they intend on using their cyber resources, although they have done so in the past.
Unlike conventional weapons of mass destruction, cyber warfare is harder to track because elements like malware can be inserted into a network secretly and go unnoticed. Often, state-sponsored attacks go unclaimed, leaving scope for speculation. There are instances where hacking groups confess their crimes- although they’re never “officially” liked to a specific state. Hence, the perpetrating countries cannot be brought to justice. These weapons aren’t very different from those used in criminal attacks all the time. Botnets, ready to unleash Distributed Denial of Service ( DDoS) cause widespread damage to critical infrastructure or serve as resource diverting smokescreen. The insider threat is a very real tool in the cyber warfare armoury, with a mole able to introduce a threat directly to the network or exfiltrate highly sensitive or classified information.
According to research, the North Korean state has been linked to the active and dangerous hacking organisation codenamed HIDDEN COBRA. The Russian government is also infamous for allegedly perpetrating cyber attacks.
Cyber-attacks may be linked to hybrid warfare. The word hybrid warfare is less known and somewhat ill-defined. Its meaning has evolved over the past ten since it came into use extensively. Increasingly, though, it’s used to characterize the usual cyber warfare activities with attempts to undermine democratic processes. This tactic is also observed in state-sponsored cyberattacks, where countries claim an attack originates from “patriotic hackers” acting on their terms without any persuasion or reward from the state. Indeed, when it comes to nations, we notice another aspect of hybrid cyberwarfare, i.e., when cyberattacks are carried out alongside “kinetic attacks”, a synonym for traditional warfare tactics. It is similar to when, in the past, saboteurs would threaten sensitive infrastructure ahead of an invasion, except now the attacks happen remotely.
One of the most recent and sensational cyber warfare attacks happened in 2019. A cyberattack was conducted on the Iranian military facilities. Computer systems that power rocket and missile launchers were disabled by cyberattack. Though, Iran refused to confirm the cyberattack, although it has identified itself as one of the world’s biggest cyber threats.
Many cybersecurity experts fear that any disagreement between countries may kindle this new-age war. It seems to be only a matter of time before the simmering pot boils and destroys everything in its wake. Laissez-faire.
