Fighting cybercrime is no hack job

Gurugram, Nov 18 (360info) Earlier this year, the US government warned state governors about foreign hackers carrying out disruptive cyberattacks against water and sewage systems.
     Increasing digitisation of our lives has meant we are more vulnerable to cybercrime than ever. And the role of cybersecurity has become crucial.
     Social engineering, deep fakes, ransomware, zero-day exploits and supply chain attacks are emerging as new forms of cybercrime.
     Social engineering includes a range of malicious activities where cybercriminals psychologically manipulate users and trick them into making security mistakes, or giving away sensitive information.
     In September, a prominent Indian businessman was swindled by cybercriminals who made him pay USD 830,000 after summoning him to a fake court hearing and threatening jail time for a crime he had not committed.
     A zero-day exploit is a cyberattack vector that takes advantage of an unknown or unaddressed security flaw in computer software, hardware or firmware.
     Zero day means that the vendor of the software or device has zero days to fix the flaw because malicious actors can already use it to access vulnerable systems.
     According to a joint cybersecurity advisory from US, Australian, British and New Zealand government agencies, several enterprise networks with zero-day vulnerabilities were the main targets of malicious cyber actors in 2023.
     Network defenders have been warned that the attackers may continue to exploit such vulnerabilities until 2025.
     From Russian cyberspies conducting an espionage campaign against Mongolian government websites, to hackers breaking into the US presidential campaign, to a faulty software update disrupting airline and hospital operations, the need for sound cybersecurity investments has never been higher.
    
     Hacking away at new technology
    
     The evolution of cybersecurity as an educational and professional discipline can be traced back to the emergence of computers and the first cases of cybercrime in the 1990s to early 2000s.
     The digital revolution meant that cybercriminals learnt technology to engineer newer ways to cheat people and steal data from organisations.
     For instance, in 1994, British hackers known as Datastream Cowboy and “Kuji” attacked Rome Laboratory’s computer systems more than 150 times.
     Rome Laboratory is the US Air Force’s premier command and control research facility. During the attacks, the hackers stole sensitive data on air tasking order research.
     Air tasking orders are messages military commanders send to pilots during wartime. The orders provide information on air battle tactics, such as where the enemy is located and what targets are to be attacked.
     Through the 1990s, banks were robbed, credit card information was stolen and used, and government networks were broken into. Later, as technology evolved, so did the criminals. From devising simple viruses to sophisticated malware, direct attacks to phishing and social engineering, simple financial frauds to large-scale data breaches – cybercrime really came into its own.
     Now, cybercriminals are evolving the ways they exploit vulnerabilities, using advanced tools such as AI and automation, and continue to target critical infrastructure. Recent security breaches such as AI-based phishing attacks in 2023 and the 2018 hacking of Facebook’s user data show the evolution of the criminals, and their adaptability to the latest technology.
    
     But security systems have been evolving too.
    
     Increased transfer of information over the web, particularly sensitive information, has led to new technologies in encryption, firewalls and other mechanisms to ensure adequate security and maintain credibility of transactions over the internet.
     For instance, Zero Trust firewalls follow a security model that establishes trust through continuous authentication and monitoring of each network access attempt.
     This differs from the traditional model, which assumed that everything in a corporate network can be trusted.
     Other traditional measures of security management include demilitarised zones, access control and intrusion detection methods.
     A demilitarised zone or DMZ is a physical or logical subnet that separates a local area network (LAN) from other untrusted networks — usually, the public internet. New security measures such as web application firewalls with advanced threat protection have also been designed to detect and protect against common security flaws in web traffic.
     These are essential for online businesses such as retailers, banks, healthcare and social media, which need to protect sensitive data.
     To ensure cybersecurity, all organisations need to put in place policies and procedures, based on certain best practices, beyond the simple defences of specific systems and networks.
    
     Global unity to fight cybercrime
    
     Over the years, cybersecurity has evolved to become a crosscutting discipline spanning computer science, information technology, law, psychology and risk management.
     It is essential to protect not just data systems and networks, but also physical structures such as industrial control systems, healthcare infrastructure, as well as basic systems such as energy grids, ATMs, payment processing systems, banks and cryptocurrency platforms.
     Governments across the globe have identified cybersecurity as a key area of concern, and put into place laws to protect information.
     Some examples include the Cybersecurity Information Sharing Act and Health Insurance Portability and Accountability Act in the US, and the General Data Protection Regulation in the EU.
     In India, the Digital Personal Data Protection Act came into force in 2023, and a new law to protect personal data is being considered.
     Enterprises such as Microsoft, Google, Walmart, and Amazon have made significant investments in cybersecurity, including using advanced AI and machine learning for real-time threat detection. Google's Chronicle platform, for instance, offers a security analytics tool.
     In August, the United Nations also finalised a new cybercrime treaty, which seeks to improve international collaboration in combating cybercrime.
     It outlines measures for countries to collect and share data on suspects, ease the extradition of cybercriminals, and confiscate crime-related proceeds.
     But the cybersecurity environment is dynamic.
     New threats such as botnets, and cloud security threats such as API vulnerabilities, require constant vigilance and innovation to stay ahead of cybercriminals.
     With newer measures such as advanced anti-phishing technologies, and threat intelligence to counter zero-day vulnerabilities, cybersecurity professionals can create a strong protective shield encompassing different levels of government, businesses and individuals. (360info) SCY

(This story has not been edited by THE WEEK and is auto-generated from PTI)