There has been a series of high-profile cyber attacks in
recent months.
The end of 2020 witnessed the ‘SolarWinds’ cyber attack
involving data breaches across critical wings of the U.S. government like
defence, energy and state.
Early 2021 witnessed a cyber attack by a Chinese group called
Hafnium. Thousands of U.S. organizations were hacked and remote control
was gained over the affected systems. Then there was the ransomware attack
on Colonial Pipeline (which is the main supplier of oil to the U.S. East Coast)
by Russia/East Europe-based cybercriminals, styled Dark Side. Colonial Pipeline
had to pay out several million dollars as ransom to unlock its computers and
release its files.
A Russia-backed group, Nobelium, had launched a phishing
attack on 3,000 e-mail accounts, targeting USAID and several other
organisations.
Recently JBS SA, the U.S. subsidiary of a Brazilian meat
processing company, was the target of a ransomware attack.
What is cyber resilience?
Cyber resilience is the ability of an organization to enable business
acceleration (enterprise resiliency) by preparing for, responding to, and
recovering from cyber threats. A cyber-resilient organization can adapt to
known and unknown crises, threats, adversities, and challenges.
Cyber security – Challenges and Solution.
Targeting critical civilian targets
Unlike the traditional approach to cyber warfare, cyber attacks
are now being employed against civilian targets of critical importance. The
fact that most nations have been concentrating mainly on cyber defences to
protect military and strategic targets has left civilian targets vulnerable to
attacks.
Unlike previously, when banking and financial services
were most prone to ransomware attacks, recently even oil, electricity grids,
and health care are being increasingly targeted.
Defending critical civilian targets against cyberattacks is
almost certain to stretch the capability and resources of governments across
the globe.
Increasing sophistication of the cybercriminals
The technical competence of cybercriminals has only
increased. They have been employing advanced methods like ‘penetration testers’
to probe highly secure networks.
Zero-day software vulnerabilities are being increasingly
used for cyber attacks such as ransomware, phishing and spear phishing.
A zero-day is a computer-software vulnerability unknown to
those who should be interested in its mitigation. Until the vulnerability is
mitigated, hackers can exploit it to adversely affect programs, data,
additional computers or a network.
Ransomware is malware that employs encryption to hold a
victim’s information at ransom. A user or organization’s critical data is
encrypted so that they cannot access files, databases, or applications. A
ransom is then demanded to provide access.
Phishing is a type of social engineering attack often used
to steal user data, including login credentials and credit card numbers or to
deploy malicious software on the victim’s infrastructure like ransomware. It
occurs when an attacker, masquerading as a trusted entity, dupes a victim into
opening an email, instant message, or text message.
Spear phishing is the fraudulent practice of sending emails
ostensibly from a known or trusted sender in order to induce targeted
individuals to reveal confidential information.
Cybercriminals are becoming more sophisticated in their
modus operandi. They first steal sensitive data in targeted computers before
launching a ransomware attack thus resulting in a kind of ‘double jeopardy’ for
the targeted victim.
Diversification of motivation for the attacks
The motivation for cyberattacks has also diversified beyond
just geopolitics and profit, with ‘insider threats’ due to discontent with
the management or personal reasons also emerging as a possible threat.
Targeting of high value and vulnerable sectors
Notably, the number of cyberattacks on healthcare systems
has increased and cybercriminals are increasingly trying to gain access to
patients’ data. The available data aggravates the risk not only to the
individual but also to entire communities.
Challenges associated with data protection
With data becoming valuable in an increasingly digitized
world, attacks on data and data systems are bound to intensify.
More than three quintillion bytes of data are generated
every day, and several billion devices are interconnected to billions of
endpoint devices and are exchanging petabytes of sensitive data on the
network. This is only bound to grow. Ensuring protection of this huge
quantity of data is going to be a herculean task.
Improve awareness and preparedness
Businesses need to be aware of the nature of the cyber
threat to their businesses and take adequate precautionary measures.
Officials in the public domain and also company boards need
to carry out regular vulnerability assessments and create necessary awareness
of the growing cyber threat.
There is the need for improved defences against actual, and
potential, cyberattacks by all countries across continents.
Zero trust-based environment
Cybersecurity professionals are now engaged in building a ‘Zero
Trust Based Environment’, viz., zero trust on end point devices, zero trust on
identity, and zero trust on the network to protect all sensitive data.
Zero Trust Based environment technologies employ:
software-defined solutions for agile perimeter security, secure gateways, cloud
access security, privileged access management, threat intelligence platforms,
static and dynamic data masking, etc.
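An added illustration, not part of the original article: a minimal access decision that checks the three zero-trust pillars named above (identity, end point device, network) on every request and applies dynamic data masking unless privileged access has been granted. The resource names, network segments, field names and sample record are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    user: str
    mfa_verified: bool       # identity signal
    device_compliant: bool   # end point signal (managed, patched)
    network_segment: str     # network signal
    privileged: bool         # granted through privileged access management
    resource: str

# Hypothetical policy: segments allowed to reach each resource (unlisted = deny).
ALLOWED_SEGMENTS = {"patient-records": {"clinical-vlan"}}
# Hypothetical list of fields that are masked for non-privileged readers.
SENSITIVE_FIELDS = {"patient-records": {"national_id", "diagnosis"}}

def decide(req):
    """Check every pillar on every request; passing one never implies another."""
    reasons = []
    if not req.mfa_verified:
        reasons.append("identity: MFA not verified")
    if not req.device_compliant:
        reasons.append("endpoint: device not compliant")
    if req.network_segment not in ALLOWED_SEGMENTS.get(req.resource, set()):
        reasons.append("network: segment not allowed for resource")
    return (not reasons, reasons)

def mask(value):
    """Dynamic masking: keep only the last two characters of a string value."""
    return "*" * max(len(value) - 2, 0) + value[-2:]

def fetch(req, record):
    """Return (record_view, reasons); the view is None when access is denied."""
    allowed, reasons = decide(req)
    if not allowed:
        return None, reasons
    if req.privileged:
        return dict(record), []
    hidden = SENSITIVE_FIELDS.get(req.resource, set())
    return {k: mask(v) if k in hidden else v for k, v in record.items()}, []
```

A request from an allowed network segment is still refused when the device check fails, which is the difference from a perimeter model that trusts anything already inside the network.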
Adopting deep technology
Building deep technology in cyberspace is essential. New
technologies such as artificial intelligence, machine learning and quantum
computing present new opportunities which need to be harnessed.