There have been a series of high profile cyber attacks in recent months.
The end of 2020 witnessed the ‘SolarWinds’ cyber attack involving data breaches across critical wings of the U.S. government like defence, energy and state.
Early 2021 witnessed a cyber attack by a Chinese group called Hafnium. Thousands of U.S. organizations were hacked and remote control was gained over the affected systems. Then there was the ransomware attack on Colonial Pipeline (which is the main supplier of oil to the U.S. East Coast) by Russia/East Europe-based cybercriminals, styled Dark Side. Colonial Pipeline had to pay out several million dollars as ransom to unlock its computers and release its files.
A Russia-backed group, Nobelium, had launched a phishing attack on 3,000 e-mail accounts, targeting USAID and several other organisations.
Recently JBS SA, the U.S. subsidiary of a Brazilian meat processing company, was the target of a ransomware attack.
What is cyber resilience?
Cyber resilience is the ability of an organization to enable business acceleration (enterprise resiliency) by preparing for, responding to, and recovering from cyber threats. A cyber-resilient organization can adapt to known and unknown crises, threats, adversities, and challenges.
Cyber security – Challenges and Solution.
Targeting critical civilian targets
Unlike the traditional approach to cyber warfare, cyber attacks are now being employed against civilian targets of critical importance. The fact that most nations have been concentrating mainly on cyber defences to protect military and strategic targets has left civilian targets vulnerable to attacks.
Whereas banking and financial services were previously the most prone to ransomware attacks, oil, electricity grids and health care are now increasingly being targeted.
Defending critical civilian targets against cyberattacks is almost certain to stretch the capability and resources of governments across the globe.
Increasing sophistication of the cybercriminals
The technical competence of cybercriminals has only increased. They have been employing advanced means such as ‘penetration testers’ to probe highly secure networks.
Zero-day software vulnerabilities are being increasingly used for cyber attacks such as ransomware, phishing and spear phishing.
A zero-day is a computer-software vulnerability unknown to those who should be interested in its mitigation. Until the vulnerability is mitigated, hackers can exploit it to adversely affect programs, data, additional computers or a network.
Ransomware is malware that employs encryption to hold a victim’s information at ransom. A user or organization’s critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access.
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers, or to deploy malicious software such as ransomware on the victim’s infrastructure. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message.
Spear phishing is the fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information.
Cybercriminals are becoming more sophisticated in their modus operandi. They first steal sensitive data from targeted computers before launching a ransomware attack, resulting in a kind of ‘double jeopardy’ for the targeted victim.
Diversification of motivation for the attacks
The motivation for cyberattacks has also diversified beyond just geopolitics and profit, with ‘insider threats’ arising from discontent with the management or from personal reasons also emerging as a possible threat.
Targeting of high value and vulnerable sectors
Notably, the number of cyberattacks on healthcare systems has increased and cybercriminals are increasingly trying to gain access to patients’ data. The available data aggravates the risk not only to the individual but also to entire communities.
Challenges associated with data protection
With data becoming valuable in an increasingly digitized world, attacks on data and data systems are bound to intensify.
More than three quintillion bytes of data are generated every day, and several billion devices are interconnected to billions of endpoint devices and are exchanging petabytes of sensitive data on the network. This is only bound to grow. Ensuring the protection of this huge quantity of data is going to be a herculean task.
Improve awareness and preparedness
Businesses need to be aware of the nature of the cyber threat to their businesses and take adequate precautionary measures.
Officials in the public domain and also company boards need to carry out regular vulnerability assessments and create necessary awareness of the growing cyber threat.
There is a need for improved defences against actual, and potential, cyberattacks by all countries across continents.
Zero trust-based environment
Cybersecurity professionals are now engaged in building a ‘Zero Trust Based Environment’, viz., zero trust on end point devices, zero trust on identity, and zero trust on the network to protect all sensitive data.
Zero Trust Based environment technologies employ: software-defined solutions for agile perimeter security, secure gateways, cloud access security, privileged access management, threat intelligence platforms, static and dynamic data masking, etc.
Adopting deep technology
Building deep technology in cyberspace is essential. New technologies such as artificial intelligence, machine learning and quantum computing present new opportunities which need to be harnessed.