
Current news and how it affects cybersecurity in the future

Recent cyber security news

Recent years have been marred by a great deal of unwelcome news about cyber-attacks. In 2018, for instance, there were major cyber security incidents, all of which have an effect on future cyber security trends. To begin with, it was reported that a total of 144 universities within the United States were hit by various forms of cyber-attacks.[1] The U.S. Department of Justice indicted nine Iranian nationals, charging them with various cybercrimes. The charges included perpetrating cyber-attacks over a span of three years with the aim of gaining unauthorized access and stealing more than 31 terabytes of data and intellectual property worth a total of $3 billion.[2] An investigation revealed that the hackers were based in an official organization (Mabna Institution), which was purposely set up to steal scientific resources from all parts of the world. In other words, the news revealed the growth of state-sponsored hackers.

Exactis, a U.S.-based company, also suffered a major data breach that exposed personal information belonging to some 340 million customers.[3] The company compiles and aggregates premium consumer and business data. It is estimated that Exactis has access to over 3.5 billion personal records. The data breach was a result of the company’s security negligence: it exposed its clients’ database on a server that could be accessed publicly. Whereas the breach did not compromise information such as credit card data or social security numbers, personal information, including home addresses, phone numbers, and email addresses, was exposed. Additionally, the data belonging to each client or business was detailed enough to include personal characteristics. The security researcher who discovered the leak, Vinny Troia, claims to have spotted the database through a simple internet search. It was not protected by any firewall or security mechanism.

In other news, a group of Iranian hackers targeting top U.S. government officials, journalists, and activists were able to successfully hack Gmail’s and Yahoo’s highly acclaimed two-factor authentication. The state-sponsored hackers first gathered relevant information about the selected targets and then used that knowledge to send spear-phishing emails. The malicious emails carried hidden images that notified the hackers once the emails were opened. The hackers created dummy Gmail and Yahoo login pages, from which they collected login credentials, including the user’s email address and password. Where the accounts were protected by two-factor authentication, the hackers redirected the targets to pages requesting the one-time password.[4] Clearly, even industry-recognized security standards, like two-factor authentication, are proving ineffective against ever-innovative cybercrime.

In another news revelation, Under Armour, a sports giant based in the U.S., was a victim of a cyber hack in which approximately 150 million user accounts of the MyFitnessPal application were breached.[5] MyFitnessPal is an application that allows users to monitor the calories they consume and compare them with their levels of exercise. Although details regarding the data breach are yet to emerge, the breach led to the compromise of usernames, passwords, and email addresses. It is apparent that the company had implemented improved security controls for sensitive information such as places of residence and social security numbers. Nevertheless, the breach could be largely blamed on Under Armour, since all the affected accounts had their passwords hashed with SHA-1, a hash function known to be flawed and easy to compromise. Other accounts protected using bcrypt, a stronger technology, were not affected by the breach.

How they affect cybersecurity in the future

All the aforementioned cyber security news indicates that the cyber-attack surface is continuing to expand. Cyber adversaries are always using unpredictable methods to penetrate systems and steal data. In fact, some of the methods used are quite simple, yet they have the potential to cause a lot of damage. For instance, the ability of cyber criminals to hack two-factor authentication, a top security measure, using spear-phishing techniques clearly shows that we are a long way from being cyber secure. So, what do the 2018 cyber security incidents mean for the future of cyber security?

One undeniable impact is that all organizations will have to reconsider their cyber security strategies. Irrespective of the numerous strides made towards achieving the best cyber security controls, adversaries are getting more innovative, a trend that enables them to stay a step ahead. Cyber security models have evolved from detecting and mitigating cyber incidents to preventing the incidents before they occur, but they are still clearly not effective. Tom Corn, VMware Vice President and the General Manager of security products, opines that the costs associated with cyber-attacks will continue to increase unless businesses adopt a new cyber security approach.[6]

One such approach is the homecourt advantage. Instead of waiting and trying to prevent a cyber incident, the focus is directed towards identifying normal behavior within a digital ecosystem. This entails identifying the usual behavior of users and applications, typical network performance, data processing and storage, and so on. This approach can enable security professionals to identify errant, abnormal, or unauthorized activities. Actions for eliminating such activities can then be deployed, thereby securing the system. However, this approach requires businesses to thoroughly understand their network, application and data usage.
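A small illustration of the baseline-then-deviation idea described above, added here and not taken from the article or from any vendor product: it learns each user's usual application, source network, and daily data volume from a week of events, then flags new activity that departs from that baseline. All event fields, user names, and thresholds are constructed for the example.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample events: (day, user, application, source_network, MB moved)
BASELINE_EVENTS = [
    (d, "alice", "crm", "office-lan", mb)
    for d, mb in enumerate([40, 55, 48, 52, 45, 50, 47], start=1)
] + [
    (d, "bob", "payroll", "vpn", mb)
    for d, mb in enumerate([5, 6, 4, 5, 7, 5, 6], start=1)
]

NEW_EVENTS = [
    (8, "alice", "crm", "office-lan", 51),      # ordinary day
    (8, "bob", "payroll", "vpn", 480),          # volume far above bob's norm
    (8, "alice", "payroll", "public-wifi", 3),  # app/network alice never uses
]


def build_baseline(events):
    """Learn, per user, the (app, network) pairs seen and the usual daily volume."""
    seen = defaultdict(set)
    volumes = defaultdict(list)
    for _day, user, app, net, mb in events:
        seen[user].add((app, net))
        volumes[user].append(mb)
    stats = {u: (mean(v), pstdev(v)) for u, v in volumes.items()}
    return seen, stats


def find_anomalies(events, baseline, sigmas=3.0):
    """Return (event, reason) pairs for activity that departs from the baseline."""
    seen, stats = baseline
    alerts = []
    for ev in events:
        _day, user, app, net, mb = ev
        if user not in stats:
            alerts.append((ev, "unknown user"))
            continue
        if (app, net) not in seen[user]:
            alerts.append((ev, "new app/network pair"))
        mu, sd = stats[user]
        # Floor the deviation so a very steady user does not alert on tiny changes.
        if mb > mu + sigmas * max(sd, 1.0):
            alerts.append((ev, "volume spike"))
    return alerts
```

The quality of the alerts depends entirely on how well the baseline reflects real usage, which is the article's point about needing to understand your own network, application and data usage first.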

Also, as the Exactis data breach has shown, cyber adversaries do not need to have a technical understanding to execute cyber-attacks. Data can be breached by performing a simple internet search. This is a wake-up call for all businesses to store crucial information on private servers that cannot be accessed publicly.

The recent cyber security news further reveals that cyber-attacks have gradually shifted their focus to acquiring personal data, whereas in previous years financial motivation was the main factor behind breaches. Perhaps this is due to the continued automation and digitization of business processes, which necessitates the acquisition of personal data. Cyber criminals have been more focused on acquiring personal information such as email addresses, which is then used for numerous illegal activities. All organizations must hence recognize the importance of strong security controls, especially those governing the collection, storage and access of personal data. They must use strong encryption techniques to safeguard user data.

 

 

 

[1] https://www.wired.com/story/iran-cyberattacks-us-universities-indictment/

[2] https://www.wired.com/story/iran-cyberattacks-us-universities-indictment/

[3] https://www.wired.com/story/exactis-database-leak-340-million-records/

[4] https://arstechnica.com/information-technology/2018/12/iranian-phishers-bypass-2fa-protections-offered-by-yahoo-mail-and-gmail/

[5] https://www.forbes.com/sites/paullamkin/2018/03/30/under-armour-admits-huge-myfitnesspal-data-hack/#649ee2f0cc54

[6] https://www.vmware.com/radius/rising-costs-cybersecurity-breaches/
