In this tech-driven age, the scope of cybersecurity has widened and so have the complexities and challenges related to it. The situation has become even more serious with new technologies such as cloud, internet of things (IoT), machine-to-machine (M2M) and artificial intelligence (AI) going mainstream. IoT is transforming the way enterprises operate, and promises to bring more revolutionary changes in the future. However, the increasing number of connected devices brings with it potential data security risks. As per industry sources, 25 per cent of cyberattacks will be targeted at IoT devices by 2020.
As it turns out, the adoption of new technologies is making enterprise networks more vulnerable and hackers increasingly sophisticated. That said, some of these technologies such as AI, big data analytics and automation are being used to combat these attacks and prevent potential data breaches.
A look at the evolving cybersecurity landscape in the face of rapid technological advancements…
IoT increases risk of attack
The rise of IoT has led to a paradigm shift in the nature and intention of attacks as well as their target. Until recently, cyberattacks were targeted at traditional endpoints such as back-end computer systems and laptops, but today the focus has shifted to the edgepoints operating on the network edge.
For example, medical devices used in hospitals are a prime target for hackers and pose risks to the security of patient information and other crucial medical information. If a hacker gains control of a medical device, this can potentially put a patient’s life in danger. Similarly, IoT-connected electronic appliances used in buildings such as heaters, ventilators and air conditioners are highly vulnerable to security breaches, which can lead to serious consequences if not controlled in time. Another key target in the IoT space is connected cars. Connected cars primarily use cloud technology, which connects them with other smart devices like phones and tablets. Any breach even in one of the devices could compromise the physical safety of the autonomously driven car as well as the passengers.
In 2017, several aggressive distributed denial of service (DDoS) attacks were reported, which compromised the security of millions of IoT devices at homes and workplaces. Going forward, the criminals are expected to move beyond DDoS and ransomware attacks to home IoT devices. Users generally do not consider the implications of attacks on their home and personal IoT devices. They sometimes leave default settings and do not regularly update antivirus software on these devices like they do with their computers.
Cloud technology is witnessing significant traction amongst enterprises. As per industry estimates, around 80 per cent of organisations have some form of cloud strategy in place. The adoption of software-as-a-service continues to grow at an exponential rate as organisations undergo a digital transformation to drive business efficiency. This poses serious security challenges in terms of access and data control, user behaviour and data encryption. Organisations are sceptical of transferring critical information on to the cloud as it is prone to data breaches, data loss and insecure application programming interfaces. Meanwhile, infrastructure-as-a-service also introduces significant risks. A simple error can lead to the exposure of a huge amount of data and take down the entire system.
The cloud model faces challenges such as cloning, that is the duplication and replication of data, and unauthorised access owing to network sharing, which in turn leads to data breach issues. Cloud infrastructure has become an easy target for malware attacks such as DDoS. Even after hiring a cloud service provider, the security concerns are not eliminated. Therefore, enterprises must implement controls such as encryption, multi-factor authentication, access and key management to ensure confidentiality and integrity.
AI vs AI
AI has emerged as a powerful means to combat cybersecurity threats. Organisations have started using AI as a tool to automate the complex processes that are used to detect attacks and counteract in case of breach. AI tools raise red flags in case of a potential threat that is not possible through manual intervention. Also, while manual intervention is prone to human errors, AI systems do not make any mistakes and are very accurate. They respond to each threat in the most suitable and effective way. New AI algorithms also use machine learning to predict the nature of attacks. They typically use data from previous cyberattacks to respond to newer but somewhat similar risks.
While AI promises to combat cyberattacks, it could also be used by hackers as a tool to launch such attacks. In the coming years, attackers will deploy AI as a means to carry out more sophisticated cyberattacks. In situations where AI depends on interfaces within and across organisations, it inadvertently gives access to “bad actors”. Gradually, attackers could develop automated hacks that are able to learn about the systems they target, identify their vulnerabilities and make decisions.
Big data analytics
Organisations are increasingly transitioning to intelligence-driven security for a broader view of cyber risks and vulnerabilities. The use of big data analytics and machine learning enables businesses to conduct a deep analysis of the information collected. It helps in creating benchmarks based on statistical data that highlights what is normal and what is not. With such analysis, businesses can learn when there is a deviation from the norms, uncovering a potential threat. Big data has also become critical in the use of intrusion detection systems (IDS), as they provide all the necessary information required for monitoring a company’s network. IDS can monitor traffic on a network or on systems and identify any malicious activity or violations. IDS should be used for all such systems that can be accessed through the internet, or are mission critical to the business. Big data has the ability to analyse a series of potential security events and make connections between them to create a prioritised list of threats.
The growing threat of new malware in cyberspace and the lack of a trained workforce call for the adoption of automation as the primary tool to combat basic and known cyberattacks. Automation can cut duplicative processes, bring cohesiveness and consistency to cybersecurity responses, and harmonise cybersecurity data. In human-machine teams, automated programs handle basic security protocols while experts work on unknown threats.
That said, cybercrime is now evolving and is using automation to scale attacks more effectively. Such automated attacks can be best handled by an automated and intelligent defence system.
Given the recent trends in cyberspace, it is imperative that organisations and individuals build defences that can withstand increasingly sophisticated cyberattacks. However, the advanced technology solutions being used to combat threats will also be used by hackers to launch attacks. Therefore, security efforts must shift from simply safeguarding traditional endpoints to protecting edgepoints as well. As areas of networking, storage and computing converge, cybersecurity can no longer be seen as just an IT issue by enterprises.