By Akshay Asija
In the past couple of decades, there has been an exponential growth in the number of internet users and the amount of personal data on the web. Today, one can sketch another person’s identity without meeting that person even once, provided one has access to the person’s digital footprint. As our presence on the internet increases, so do the threats to the integrity and privacy of our digital selves. The same is true for businesses too, as corporations are now relying on IT more than ever before. Researchers and experts are working hard to devise technologies that assuage these risks, but even so, cyber security remains a matter of concern.
2017 was dominated by major ransomware attacks and lapses in cyber security. During the WannaCry and Petya ransomware attacks, several organisations around the world found themselves at the mercy of hackers who had gained access to their classified data. The year also saw the discovery of the “KRACK” bug in the encryption standard used for Wi-Fi security. After a year of relatively minor scares, 2018 began with the discovery of Meltdown and Spectre, two critical security flaws that affect most microprocessors in use today. As all technology giants rushed to deliver patches to their product offerings in the wake of these discoveries, one thing became clear: The significance of cyber security will only increase from now on.
Ransomware in 2017
Maersk, the Danish shipping conglomerate, is among the corporations affected by last year’s Petya ransomware attack. The company’s IT systems and operational controls were attacked by hackers who used a modified version of the ransomware, called NonPetya. While several European organizations were targeted by NonPetya, Maersk was among the worst affected, facing losses up to $300 million. The attack caused a “serious business interruption” for the logistics giant, and approximately the whole of its IT infrastructure had to be overhauled as a result. According to the company’s chairman, Maersk reinstalled a total of 4000 servers, 450000 PCs and 2500 applications over a course of ten days, in which business was carried out sans any IT tools. Fortunately, the attack did not expose any confidential business and user data, and despite the absence of IT personnel, during the reinstallation, Maersk was able to carry out about 80% of its operations properly. The European arm of delivery giant FedEx also suffered losses to the tune of $300 million in September, last year due to a NonPetya attack. Another corporate victim of the ransomware attack was Merck, the American pharmaceutical giant, for which the cumulative cost of the attack was over $600 million.
Ransomware – The Return
Despite these cases of businesses facing heavy losses due to poor cyber security measures, most organizations do not prioritize IT security. According to a survey conducted by cyber security expert John Mason, about 20% of businesses have no recovery plans to tide over ransomware and/or malware attacks. A majority of modern enterprises are heavily reliant on legacy hardware and software systems, which put the company data at a risk of theft and unauthorized manipulation. Companies often have undocumented business logic embedded in legacy systems, which makes it hard for them to transition to new IT systems without hindering their normal flow of operations. New IT resources also require retraining of the organization’s staff, which is another reason for companies to stick to old, insecure systems. While it does seem convenient for a company to continue using older (and often deprecated) platforms, IT executives often ignore the impact that such a decision has on the reliability of the company data. This is the reason behind the huge impact of the recent ransomware attacks. Mason does not expect the IT managers’ unmindful attitude to cyber security to change anytime soon. A report from McAfee states that ransomware will be a popular technique among hackers to extort money from their victims in exchange for the release of their “digital hostages”. Cyber crime is likely to have a massive growth this year.
AI in cyber security: A double-edged sword
Most industries today are employing AI techniques to solve huge problems that are beyond the scope of humans. Automated repetitive workflows are served much better by software than human workers. It comes as no surprise then, that AI is increasingly being used for the detection of vulnerabilities and monitoring systems for potential threats. However, when it comes to cyber security, artificial intelligence is a double-edged sword. In a research conducted by Mason, it was found that developers of malicious software can employ machine learning techniques to detect undiscovered weaknesses in IT systems and carry out better-targeted attacks that evade defense systems and are harder to diagnose. Malicious hackers, armed with AI, can discover and exploit vulnerabilities even before patches for those are released.
What about the end users?
The best path for an individual user is to stay safe from cyber security attacks by keeping all their devices up to date with the latest software, and in general, exercise caution when accessing the internet. The rising popularity of connected “smart” appliances like internet-connected coffee makers and mattresses has allowed for software to analyze our living habits in real time to provide us with better experiences. While this is certainly beneficial to our lifestyles, such devices also open up new avenues for attacks by hackers, giving them access to more than just our phones and computers. Users should invest time and money in ensuring that all the communication between their devices is encrypted and secured. While there is no limit to the number of precautions one should take while living in this internet connected world, being aware and proactive about the risks to cyber security will go a long way.