Cyber-Attacks

News: Cyber attacks may be a relatively new phenomenon, but in a short time frame they have come to be assessed as being as dangerous as terrorism.

Background:

  • The world was possibly made aware of the danger and threat posed by cyber weapons with the advent of the Stuxnet Worm in 2010, which resulted in large-scale damage to Iran’s centrifuge capabilities.
  • In the decade that followed, the West seemed to lose its way on how to deal with the emerging cyber threat.
  • The years 2020 and 2021 have proved to be extremely difficult from the perspective of cyber attacks but no changes in methodology have been seen. Ransomware is increasing in intensity and is tending to become a near destructive threat, because there are many available soft targets.
  • Statistics in this regard are also telling: new attacks are taking place every 10 seconds.
  • Apart from loss of data, what is also becoming evident is that ransomware criminals are becoming more sophisticated, and are using ransomware to cripple large enterprises and even governments.
  • Talk of the emergence of ‘Ransomware as a Service’ (RaaS) — a business model for ransomware developers — is no mere idle threat. A conservative estimate is that a rash of attacks is almost certain to occur on home computers and networks. A tendency seen more recently to put everything on the Cloud could backfire, causing many security holes, challenges, misconfigurations and outages.
  • Furthermore, even as Identity and Multifactor Authentication (MFA) take centre stage, the gloomy prognostication of experts is that Advanced Persistent Threat (APT) attacks are set to increase, with criminal networks working overtime and the Dark web allowing criminals to access even sensitive corporate networks.
  • Estimates of the cost to the world in 2021 from cyber attacks are still being computed, but if the cost of cyber crimes in 2020 (believed to be more than $1 trillion) is any guide, it is likely to range between $3 trillion and $4 trillion.

Targets:

  • Credential threats and the threat of data breaches, phishing, and ransomware attacks, apart from major IT outages, are expected to be among the main concerns. The vast majority of cyber attacks are directed at small and medium sized businesses, and it is likely that this trend will grow.
  • Among the most targeted sectors in the coming period are likely to be health care, education and research, communications and governments.
  • While preventive and reactive cyber security strategies are needed — and are essential to mitigate cyber risks — they are proving to be highly illusive in an increasingly hyper-connected world.

Challenges:

  • There is a great deal of talk among cyber security experts about emerging cyber security technologies and protocols intended to protect systems, networks and devices, but little clarity whether what is available can ensure protection from all-encompassing cyber attacks.
  • What is most needed is absent: that cyber security experts should aim at being two steps ahead of cyber criminals. While the West focused on ‘militarization’ of the cyber threat, and how best it could win with its superior capabilities, valuable time was lost.
  • It led to misplaced ideas and erroneous generalisations, resulting in a decade of lost opportunity.

Way forward:

  • SASE — Secure Access Service Edge — to reduce the risk of cyber attacks.
  • Additional solutions are being proposed such as CASB — Cloud Access Security Broker — and SWG — Secure Web Gateway — aimed at limiting the risks to users from web-based threats.
  • The Zero Trust Model and Micro Segmentation, as a means to limit cyber attacks, can again be self-limiting.
  • A detailed study of the series of low- and medium-level proactive cyber attacks that have occurred during the past decade is clearly warranted. A related aspect is to prevent individual companies from attempting their own tradeoffs — between investing in security and maximising short-term profits.
  • What many companies and even others fail to realise is that inadequate corporate protection and defence could have huge external costs for national security, as was evident in the SolarWinds attack.
  • The emphasis should be on prioritising the defence of data above everything else.
  • Consequently, law enforcement agencies would need to play a vital role in providing effective defence against cyber-attacks. On the strategic plane, understanding the nature of cyber space is important.
  • While solving the technical side is ‘one part of the solution, networks and data structures need at the same time to prioritise resilience through decentralised and dense networks, hybrid cloud structures, redundant applications and backup processes’. This implies ‘planning and training for network failures so that individuals could adapt and continue to provide service even in the midst of an offensive cyber campaign’.