Historicity of Cyber security

In plain terms, cyber security has been described as the state or process of protecting computer systems, networks and software programs from any type of cyber-attack, and of recovering from resulting events such as unauthorized information disclosure, theft of or damage to hardware, software or digital data, and denial or misdirection of services.

Cyber security and cyber-attacks have existed in one form or another for over five decades, a period that has seen phenomenal developments in which several techniques and technologies of cyber-attack and countermeasure have evolved and been put to use. One of the earliest known attempts (in 1971) to deal with cyber security in academic circles was the development of Creeper, a computer worm that corrupts a computer program; simultaneous with this was the development of Reaper, an anti-virus software that removes Creeper.

A number of techniques and technologies have evolved over the years for cyber-attacks and the countermeasures to ensure cyber security of the infrastructure, intellectual property and data. Some popular ones among them are briefly mentioned here.

Cyber-attacks cover techniques such as social engineering scams, phishing and spyware, spoofing or snooping, ransomware, malware, denial of service, eavesdropping, backdoor, multivector polymorphic, privilege escalation, tampering and data poisoning.

Cyber security covers techniques such as social engineering, multifactor authentication, password protection, anti-virus, firewalls, intrusion detection, intrusion prevention, digital hygiene, vulnerability management, identity and access management, and technologies of cryptography, blockchain, quantum computing, artificial intelligence, cyber forensics etc.

Amidst such developments, the subject of cyber security has become increasingly relevant, primarily due to the explosion in the use of computers, the widespread deployment of the Internet and wireless networks such as Bluetooth and WiFi, the consequent growth of smart devices and the Internet of Things (IoT), the evolution of cloud services, and the challenges thrown up in the contemporary world by a wide range of measure and countermeasure technologies.

Some Pointers

Here are some pointers to the assessments and predictions made that show how gigantic the whole issue of cyber threats plaguing the digital world is. These are sourced from the data reported by Cybersecurity Ventures in Cybercrime Magazine:

  • Cybercrime damages will cost the economies globally US$ 10.5 trillion by 2025, up from US$ 3 trillion in 2015 and US$ 6 trillion by 2021, which represented 0.8 % of the global GDP.
  • Global damage costs due to ransomware alone will reach US$ 20 billion by 2021, 57 times more than in 2015.
  • Global spending on cybersecurity products and services will exceed US$ 1 trillion cumulatively from 2017 to 2022. Worldwide spending currently is US$ 124 billion.
  • Global spending on Identity and access management (IAM) products and services alone will exceed US$ 16 billion annually by 2022.
  • There will be 3.5 million unfilled cybersecurity jobs by the end of 2021, up from 1 million openings in 2014. There is thus an acute shortage of multiple skills in the area of cyber security.
  • Global spending on security awareness training for employees is predicted to reach US$ 10 billion by 2027.
  • Women represented 20 percent of the cybersecurity workforce globally in 2019. This number is growing every year.
  • Data globally is growing at 40% per year. The world will store 200 zettabytes of data by 2025. Half of this data will be stored in the Cloud, which poses a challenge to preserving it well.
  • By 2021 more than 70 percent of all cryptocurrency transactions annually will be for illegal activity. How Blockchain technology would deal with this issue while safeguarding the interests of Governments and the national economy is currently being debated.
  • Cyber-crimes are vastly undercounted, as only 10-12% of the cybercrimes committed are reported annually. This makes the task of measuring cybercrime very difficult.
  • There is a general lack of knowledge among small to medium enterprises about the risk quotient of their current tech stack.
  • Less than half of companies globally are sufficiently prepared for a cyber-attack, and nearly half of all cyber-attacks are in fact committed against small businesses.

The 5 most cyber-attacked industries over the past 5 years have been healthcare, manufacturing, financial services, government, and transportation. As per the IMF, cyber threats involved a US$ 100 billion loss to financial institutions annually, the largest among these industries.

  • About 68% of businesses have been victims of endpoint cyber-attacks alone.
  • There will be 6 billion Internet users by 2022, and more than 7.5 billion Internet users by 2030. This shows the colossal amount of digital transactions taking place on the web the world over, and it presents a sizeable human attack surface.
  • Cyber tools such as malware and ransomware are available relatively cheaply in the market, which gives cyber attackers an easy path to use them and act.
  • Bring your own device (BYOD) and mobile apps pose a major security threat to the enterprise from cyber-attacks.
  • The cyber insurance market is growing at a double-digit rate and is expected to reach, on a pessimistic estimate, a value of US$ 14 billion with a CAGR of 28% by 2022.
  • The total number of user and privileged accounts that will need to be secured, which is a combination of human and machine passwords, already exceeds 200 billion, and is expected to reach 300 billion by 2030. This is besides the biometrics and face IDs being used instead.
  • Newly reported zero-day exploits will rise from one per week in 2015 to one per day by 2021.
  • There are an estimated 200 billion IoT devices as of 2020, 20 million connected cars and 0.5 billion wearable devices, which produce a humongous amount of data that has to be preserved both at rest and in transit.

Sources of Cyber threats

The cyber attackers from whom one has to defend cyber systems range from thrill seekers, criminals, activists and extremists to State-sponsored actors. The range of techniques and technologies adopted by them is therefore wide and dispersed. The key techniques/technologies here are:

Social Engineering Scams - methods adopted by attackers that aim to convince the host to disclose secret data, thereby compromising personal information.

Phishing & Spyware - methods of acquiring sensitive information directly from the host user by deceiving them, using software that aims to gather such information and send it to another entity.

Spoofing - is the act of disguising a communication from an unknown source as being from a known, trusted source, thereby masquerading as a valid entity through falsification of data.

Ransomware - is software that enables gaining access to one’s computer and using it to encrypt the data files, rendering the data residing on the computer unusable by its owner. Hackers then demand a ransom from the host in return for their computer and data files.

Malware - is the generic name of a software that intentionally causes damage to the computer, software program or the network. Popular examples are computer virus, worms, trojan horses, ransomware, adware, rogue software, wiper, scareware. Hackers generally use it to steal the intellectual property of the host.

Denial of Service - is an attack on the host computer or network resource designed to make it unavailable by locking the host account.

Eavesdropping - is an act of surreptitiously listening to a communication between hosts, with the hacker using the contents of the communication for their malicious designs. Communication channels may be wireless, internet or land lines.

Tampering - is an act of malicious modification of the data on a computer system. Data poisoning has been lately used by the attackers by modifying the training data used for building algorithms in machine learning applications, causing an erratic algorithm to be used.

Backdoor - is an algorithm that helps bypass any normal authentication used for secure access to computer systems.

Privilege escalation - is an act whereby an attacker is able to elevate their privileges for access to the computer system and network, thereby gaining access to such sensitive information as is available to super system admins.

Advanced Persistent Threat (APT) - is a covert cyber-attack on a computer network in which the attacker is able to secure and maintain unauthorized access to the network, and such access remains undetected for a period significant enough to enable the attacker to monitor, intercept and relay sensitive information. Since the sole intention here is to steal intellectual property through unauthorized infiltration into the network rather than to cause any network damage or deny service, the attacks are generally inspired by Governments and nation states with political motives or military intelligence. The term APT implies the use of some form of sophisticated malware to exploit a vulnerability, with an external command and control system and human involvement to orchestrate the attacks.

Cyber terrorism, Cyber espionage - These are other expressions used primarily to signify breaching cyber systems and instilling panic among the public and polity. Cyber terrorism refers to unlawful attacks on computers and networks to intimidate governments and the people, sometimes even resulting in or threatening loss of life. Cyber espionage refers to a cyber-attack in which unauthorized access to sensitive data is attempted for economic gain, competitive business advantage or political lead.

Technologies - Artificial Intelligence, Blockchain and Quantum computing are lately being tried to make cyber-attacks more sophisticated and to circumvent the traditional data security controls used by the user organizations.

Impacts of Cyber attacks 

Cyber-attacks cause mainly four types of losses. These are:

Economic - loss due to theft of intellectual property and corporate data/information, disruption in trade, and breaks in manufacturing and the supply chain.

Reputational - waning of consumer trust, loss of customers, erosion of shareholders’ value and poor media coverage.

Regulatory - leads to noncompliance with the universal General Data Protection Act (GDPR) and local regulatory acts, standing in poor light, regulatory fines etc.

National security - major critical systems being put at risk threatens the basic fabric of national security.

The areas that are affected most are:

  • Theft of information that is sensitive in nature, such as the intellectual property of corporates, causing economic and reputational loss.
  • Power grids and other critical infrastructures like telecommunications that can be disrupted or destroyed.
  • Industrial controls, mainly of cyber-physical systems, that manage the manufacturing of critical goods, which can be severely impacted.
  • Identity theft that can take a heavy toll on the reputation of key individuals, institutions, or nations.
  • Compromise of data integrity that can breed distrust within the organization and among the customers it serves. Data breach costs are heavy, of the order of US$ 150 million per breach on average as per a reported estimate.
  • Systems most at risk are financial, utilities, healthcare systems, energy, consumer services, manufacturing, and transportation, aviation in particular.
  • Software programs, as a reported 111 billion lines of software code are produced every year, exposing them to potentially massive vulnerabilities that can be exploited.
  • Deep web, or Dark web as it is commonly called, which promotes criminal activities, is estimated to be 5000 times larger than the surface web, which is a great cause of concern to the Administration.
  • Millions of individuals fitted with medical implants that are networked and monitored, who are at risk of being hacked. The dimension of this situation is growing, as there will be some 45 trillion networked sensors some two decades from now as per an estimate by Fairchild Semiconductors.

To gain an insight into the loss resulting from a cyber-attack, a look at the world’s biggest data breach incident would throw some light. Yahoo suffered presumably the biggest data breach during 2013-2016. It involved 3 billion user accounts, almost every single account maintained by Yahoo. In the breach the cyber criminals stole the passwords using hashing techniques, and as a result users were unable to access their accounts as passwords did not match with their names. In fact, the attack exposed their names, email addresses, telephone numbers, dates of birth, security questions and answers and hashed passwords, using manufactured web cookies to falsify log-in credentials that allowed access to all this sensitive personal data without a password. According to Yahoo, the breach was suspected to have been carried out by a state-sponsored actor. As for the financial loss, the reputation loss was the biggest concern even as the stolen data was sold to the interested agency at some premium amount. Besides, against one of the lawsuits filed, a settlement amount of US$ 117.5 million was agreed to be paid to the affected users.

Countermeasures to build robust Cyber security

The amount any organization spends to protect its intellectual property from cybercrimes should, as understood, generally be only a small fraction of the assessed loss of the intellectual property if it is not protected well. Cyber security budgets in various countries thus continue to grow every year. It is observed that spending on cyber security is not only growing every year but growing faster than information technology spending. As per the Gartner estimate, worldwide spending on cyber security grew at 10.5% compared to 0.4% growth in spending on information technology systems. On average, 15% of IT spend is on cyber security by most IT companies.

When the cost-benefit of investing in better security systems to reduce the impact of cyber-attacks on business-critical processes is evaluated, the cost may appear disproportionately high given the likely impact of the attacks. However, as reported, successful attacks do negatively impact reputation, apart from the economic loss, and consequently the intangibles are hard to retain. Improving security should therefore be viewed as an investment and as insurance for the brand image.

Fundamentally, it may be hard to control the motivation and capabilities of cyber attackers, but one can make it harder for them to carry out their ill designs, or reduce the impact of the attack. As understood from the reports, as cyber criminals are always on the prowl and are becoming more sophisticated by the day in their approach and strategy, Governments have to act to make laws stricter, including punishing organizations for their failures to protect their data, and to equip them to adequately secure their data and cyber systems.

Some of the countermeasures to which Governments and corporates resort in order to build robust cyber systems, making cyber security an essential element of the cyber ecosystem, are mentioned here.

  • Invest in cyber security as an essential act of cyber connectivity
  • Contribute to a stronger security posture that spreads the word to the adversaries
  • Invest in capacity building and develop skilled human resource needed in large numbers
  • Build a cooperative environment among public and private sectors to protect digital assets
  • Establish a cyber security strategy within every organization
  • Implement cyber security standards like ISO 27001, BS 7799 across the organizations
  • Adopt and use data loss prevention tools
  • Use detection and prevention of cyber threats as primary measures
  • Conduct regular risk assessments and define vulnerabilities in each organization
  • Adopt and use advanced technology as more cyber security is better cyber security
  • Identify and report incidents and true cost of ineffective security within an organization
  • High Revenue on Investment (ROI) as an accepted parameter of cyber security spend
  • Define and implement stricter cyber security laws and a regulatory framework

Sources of Cyber Security

The range of techniques and technologies adopted to build and maintain secure cyber systems is:

Social engineering - practices that prevent cyber criminals from deceiving the host users.

Multifactor authentication - making unauthorized access more difficult and protecting passwords.

Intrusion detection and intrusion prevention - as primary methods of preventing cyber attacks.

Anti-virus and Firewalls - as an essential component of any cyber system.

Vulnerability management - to help identify weak links in the system and plug them with strong bridges built in the software architecture.

Identity and access management - is a framework of policies and technologies that manages digital identity and ensures only genuine users have access to the authorized data and cyber system resources.

Third party risk management - as there is invariably a third party involved in digital transactions on whom control is difficult to have, almost 60% of data leaks occur from there. It is therefore important to regularly monitor and evaluate 3rd and 4th party vendor risks.

Digital hygiene - adopting good digital hygiene helps to identify vulnerabilities and potential threats, and to protect data, users and assets, by using reputable anti-spyware and anti-malware, setting strong passwords, updating software regularly, backing up regularly, keeping the hard drive clean etc.

Technology based security - increasing use is made of the emerging technologies of cryptography, blockchain, quantum computing, artificial intelligence in securing the cyber systems.

Skilling the user staff - it is known that a cyber system is only as strong as its weakest link, and as most (almost 90%) data breaches occur due to human error, regular education and upskilling of the staff responsible for protecting the computer, software and network from cyber-attacks is essential.

Legal and regulatory framework - alongside the adoption and use of various cyber security techniques and technologies, Governments globally are introducing stricter laws, including punishing organizations for their failures to protect their data, that will equip organizations to secure their data and cyber systems. One also has to fall in line with the policies and prescriptions of international organizations, such as FIRST, GDPR, CERTs and ENISA, so as to ensure compatibility with the universal ecosystem of cyber security.

National level developments in cyber security

In recent years, cyber security has become increasingly relevant in all national security issues. Cyber capabilities are now widely seen as a necessary component of national power. Cyber security is important not just for safeguarding digital infrastructure, but also for supporting countrywide digital transformation.

India is actively addressing and engaging on cyber security issues with a multi-stakeholder approach. Some of the initiatives taken to remedy weaknesses in the cyber security area include: enforcing regulation through implementing the IT Act and pronouncing the national-level cyber policy, establishing relevant agencies for research and development, encouraging industry to build and practice cyber security, defining doctrines, and exploring diplomatic alliances with like-minded strategic allies internationally.

One of the early initiatives was to institute the IT Act 2000, bringing out the guidelines and regulations for various cyber activities. Also created was the Indian Computer Emergency Response Team (CERT-In), as a nodal agency to deal with cyber security threats and help strengthen the security-related defense of the Indian Internet space.

The Data Security Council of India (DSCI), an industry body, was also set up, and it has consolidated its perspective on the 2020 national cybersecurity strategy for data protection in consultation with enterprises from various sectors such as Power, Banking & Financial services, Energy and IT/ITeS industries, with an intent to ensure a safe, secure, trusted, resilient, and vibrant cyberspace for India’s prosperity. In a democratic set-up, there is also Cyber Media that transparently handles all cyber security related developments for public consumption.

The National Cyber Security Policy pronounced by the Ministry of Electronics and Information Technology (MeitY) covers the whole spectrum of information and communication technology users and providers, including Government and non-Government entities. It also acts as India's cyber security strategy and outlines several goals, including protecting public and private infrastructure, strengthening the regulatory framework, increasing capacity for developing indigenous cybersecurity technology, creating a culture of cyber security, and building a workforce of some 500,000 experts in cybersecurity.

As education and learning have already moved to cyberspace due to the ongoing Covid-19 pandemic, it has become of utmost importance to protect the privacy and security of each individual and organization. Considering this, in the National Education Policy (NEP 2020) reforms for higher education, capacity building for ‘Cyber Security Resilience’ is given importance and is included in the higher education curriculum irrespective of the stream of learning. UGC has accordingly instructed universities and higher education institutions to encourage, promote and facilitate exposure of the academic fraternity to the cyber security discipline.

Careers in cyber security

As reported earlier, there is a woeful shortage of skilled work force in cyber security. Experienced manpower is needed at various levels of expertise by the industry, research and development organizations, and the Governments alike for functions like security engineer, security analyst, security architect, security administrator, chief security officer, chief information security officer, data protection officer, security consultant etc.

Even as the Governments and Corporates are seized of the matter of cyber security, academic institutions have a complementing and cardinal role for carrying out research and analysis on tools, techniques, algorithms, processes and systems designed to help build up higher levels of protection to infrastructure and data. Besides, it helps create new skills and generate much needed skilled resources in large numbers that will feed to the industry and research organizations. In addition, it will foster innovation by encouragement to start ups that will convert designs into products and services on a commercial scale.

The following are specific areas that an academic institution can contribute towards building a robust cyber security eco system;

  • Incorporate industry relevant courses on cyber security at the undergrad and postgrad levels
  • Conduct Workshops on special themes associated with cyber security and cyber forensics and draw experts from Industry and expose students, researching staff and startups to the evolving technologies of cyber security
  • Carry out research on specific subjects of interest to the Industry and Governments
  • Secure funding from Governments to carry out specific tasks on upskilling and researching on cyber security technology implementations and regulations
  • Sponsorships from the Industry for studies and analysis on special subjects of interest on their live problems with cyber security
  • Create and impart skills on several areas of cyber security, ranging from regulations, social engineering, use of tools and techniques to newer methods of securing data and intellectual property from cyber attacks
  • Innovate on best practices of cyber security and cyber hygiene for implementation at various levels
  • Promote Startups for building products and services from the research outputs for possible commercial scale exploitation
  • Feed the industry and the public sector with trained manpower in cyber security which is much in demand
  • Publish research and analysis work in well-known Journals for knowledge dissemination for public good
  • Patent specific research work of importance to the society and economy.

Conclusion

From the foregoing discussion it is quite clear that the subject of cyber security is of immense importance to enterprises and governments, and is becoming an essential part of national security doctrine.

As cybercrimes get more sophisticated by the day, seldom does a day pass without a news media report about a hacking, data breach or cyber-attack impacting individuals, companies and governments. The occurrence of cyber-attacks has increased to such an extent that, as reported in an example from the US, a hacker attack happens every 39 seconds, and hacking has become an industry by itself.

As incidents of cyber-attacks are under-reported, due to fear of reputation loss or lack of concern about and knowledge of their long-term economic impact, the costs associated with cyber-attacks are neither clear nor transparent. But it is clear, as noted from the reported cyber-attacks, that the damages are immense and on several fronts.

With cyber-crimes increasing in sophistication, speed and extent, they have attracted worldwide attention, leading to the creation of international organizations that deal with policies, regulations and compliance to adopt technology and enforce cyber security. Governments, being seized of the matter, are thus investing huge sums in upskilling and in creating frameworks for building robust cyber systems by adopting various techniques and technologies of cyber security.

Often, technology comes to the rescue, building shields around cyber systems that protect them using newer technologies and refined practices of cyber security. There is a race between cyber criminals and cyber security personnel, with the hosts adopting measures, countermeasures and counter-countermeasures to build a cyber connectivity ecosystem as an important driver of productivity, innovation and growth of the economy.

So how secure the cyber systems are is the moot question, best answered by evaluating i) how advanced the technologies and practices adopted by the hosts in the cyber systems are, ii) how vigilant they are about any cyber threats, and iii) how fast they counter any attack that comes to the notice of the hosts.

Cyber systems activities have to grow with the speedy digital transformation taking place in society and the economy, data has to increase in size and complexity, and security and privacy have to remain cardinal requirements of the industry to keep business going uninterrupted. It is this assertion that will continue to drive institutions to make all-out efforts towards cyber security, to help maintain the one-upmanship of the hosts over all cyber-crimes.





Sources of Article

Cyber Security Magazine
