Three civil servants employed in the intelligence service and the military were fined in the U.S. last week for involvement in cybercrime. They have been developing malware for a company in the UAE that performs cyberattacks for the UAE government.1 Is this a cyberwar?
Cyberwar is a war where invisible attackers fight their victims, who are wounded especially in terms of empty bank accounts. This is not science fiction; this is the reality of the 21st century. New 0-day vulnerabilities keep emerging day after day; there are cases of government spying , data collection on individuals and companies, and so-called “double spies”.
In this post, I will try to answer the question at what point is the cyberwar about to stop and who is going to be the winner. And even more importantly, who wants this war anyway?
In the cyber world, networking sets us apart
Thinking of information systems only ten years ago, the world of desktop users seems light years away. In just a decade, information technology has made unimaginable progress. Individuals own at least two or three devices, all interconnected and of course connected to the Internet. While routers used to be in the domain of business environments and some more hi-tech households, the home network is basically a must today.
Devices connected to networks consequently shape individual security flaws into a long security tunnel. When hackers break into an individual device, they gain free access to all devices connected to that network. That is, if they are not adequately protected. And if device users are not adequately cyber security aware.
Connections between devices and services are much better than just a few years ago, and digitalization has made our lives much in many aspects. However, our presence in various networks potentially makes our personal, medical, banking, financial and other data available to third parties. We are divided into those that leave behind a huge digital footprint and those that are almost invisible to networks. Into those who know how to recognize cyber-attacks well and those who “fall for the feint” over and over again. And at the highest level, we are divided into hackers and victims of hacker attacks.
Couldn’t we make the cyber world completely bullet-proof?
The whole world is caught in cyberwar
Hackers have always been a step ahead of their victims. Their goal is to discover new vulnerabilities and attack. On the other hand, the primary task of their victims is usually not looking for security holes, but to defend systems with various mechanisms. Which also have their drawbacks. One would expect that users yearn for security fixes, but data show that only one quarter installs a security fix as soon as it is available, a quarter in a month, the third quarter in a year, while 25 % of users never install a security fix at all.
At the business network level, managers need to perform a risk analysis posed by a particular vulnerability. Once risk level has been identified, they decide whether to accept this risk or to implement risk mitigation measures. These can be either security updates, additional equipment, or the so-called bypass routes recommended by equipment manufacturers in the event of a 0-day vulnerability.
The greatest asset in the digital world is data. Possessing data means being able to manipulate the owners. Therefore, cybercrime focuses on obtaining and reselling data. The business is booming so well that hackers rank as the best earners in the world.
Who can take advantage from security holes and naive users?
Leaving the hackers aside, there are certainly individuals and companies that can take advantage of stolen data or blackmailing. Furthermore, hacking is also beneficial for government services. They collect data on individuals they want to have more control over or want to prosecute. The stolen data is also used for international espionage and cyber warfare.
When we talk about companies benefiting from the data of individuals, we should not forget that there are cases where we ourselves allow the manipulation of our data. Think of Google and Facebook and their security policies. They ensure high data protection, but in return we consciously allow them to use this highly protected data to customize websites and ads based on the user profile. They claim it is all in the name of better user experience. But have you ever considered the amount of money you spend due to these targeted ads?
Join the army of conscious warriors against cyberwar
The best tactics for fighting cybercrime are regular testing and the elimination of critical deficiencies, as well as constant user-awareness training. Some might say that system administrators are responsible for not letting hackers in. It is true that administrators must have a very in-depth knowledge of security devices and intrusion prevention at the system level. But the protection against cyber-attacks is limited by at least two important factors:
- A large number of security fixes for vulnerabilities detected on installed systems. These fixes should be installed daily, but administrators are often overwhelmed with other tasks.
- Insufficiently aware or ignorant users who don’t notice harmful links or attachments. Users who recognize intrusion attempts can many times prevent an attack on our business or home network.
Imagine a medieval city with somewhat broken or weak walls. If only a few citizens defend this vulnerable wall, while the rest is standing aside and only watch suspiciously at the warriors who want to occupy the city, the wall will quickly fall. On the other hand, if the citizens form a solid shield around the wall, the city may remain safe despite some holes in the wall. They will protect the city even better if they regularly play “cops and robbers” and try to invade the city in various ways. It’s the same with cyber security.
User training and penetration tests
Social engineering is still the best way to enter the network for the first time, and it is most often done through targeted fishing attacks. This is not just about classic e-mails with poor grammar. Modern attacks can also deceive us with online ads or videos. Therefore, it is very important that we learn to pay attention to all the traps that the attackers want to catch us in.
An effective way to acquire skills in recognizing fishing attacks is through security awareness training. Constant and unannounced confrontation with various attempts to attack the user helps us recognize the tricks that hackers use to get us into trouble. Such training does not limit individuals only to the business environment, but they use the knowledge in their daily life. They pay attention when they browse the internet at home, when children want to install games, they do not connect to unsecured networks, etc. By doing so, they also set an example to colleagues, friends, and family.
At the IT system level, we can achieve a strong defense through “tricks” called penetration tests and security checks. You do not have to always pentest the entire system. You can focus on web applications and another time on the server part, but it is definitely a good idea to run such tests on a regular basis and to take the penterster’s recommendations very seriously. The goal of the penetration test and security scanning is to improve the cyber security of the entire information system. Or if I refer to the parable of the city – the fortification of the walls, patching the holes, stronger city gates, etc. — all these measures will improve security.
So, can we make the cyberwar end? Probably not, as hackers will always be one step ahead. However, by acting responsibly, we can at least mitigate its consequences and business damage.
To conclude, what is the key to success? In my opinion, cyber security has to get under your skin.
Contact us to make a powerful alliance to fight with in cyberwar.
1 Source: BBC