Cybersecurity in a Digital World; 2023 and Beyond
- 01-12-2022
- Define Dream
- 12 Minutes Read
With the new strands in digitalization, Cybersecurity gains new faces day by day. Cybersecurity you have known yesterday, will probably not be around today. With a multitude of stakeholders at play; when I say stakeholders it’s both human elements, and brace for the impact; the non-human elements too, including Artificial Intelligence.
How do cyberattacks happen?
Entertainment may have led us astray, as cybersecurity is not prominently what you might have imagined. Most of the time it’s not the very well-educated and skilled black hat hacker trying to infiltrate an entity with layers of security confinements. Majority of cyber attacks happen as the users are not considerate enough about their own security. Say for example, you have misplaced your password and an interested party has seen it; Or you deliberately postpone updating your virus guard. The small acts often tip us off the cliff. Attackers do not usually break security vails, but rather wait for an opportunity, preferably a routine mistake from your side to gain access.
Why can’t we make it fool-proof?
Measures are constantly being found to counter the above as well. Two factor authentication (2FA) is one of them. Most of the platforms starting from well secured payroll systems to social media platforms like Facebook have the two factor authentication. So even if someone has your password, they cannot enter the system without the OTP code sent to the mobile you have in hand. But the U.S. National Institute for Standards and Technology (NIST) advised the public not to use SMS in 2FA as they are often prone to attackers as early as 2016. Going a step further MFA (Multi Factor Authentication) is also in the play.
But the worse thing is for every new technology is found, loopholes come up like mushrooms. In 2022 a threat actor going by the stage name Lapsus$ warned about several drawbacks of MFA leading to MFA bombing, MFA bypass, and MFA fatigue. He also predicted by the mid 2023, the world will have to find some more advanced features as MFA will no longer be viable. Current usages like push notifications, confirming from an already logged network will soon become obsolete according to the leading Tech researchers.
This is just a glimpse of what happened to 2FA and the forecast of its newest child MFA. Hence, the cybersecurity genre is not easy as it seems.
Is it only through computers?
Arguably, cyberattacks do not come in the traditional way of computers only. With the invention of the Internet of Things (IoT), things became so complex. Companies did not pay a huge interest over house alarm systems, home appliances, cars, machinery etc. The reason is that these do not necessarily store sensitive information. The fault of not securing these comes when attackers use them as a particular gateway to access some important data havens that store sensitive data. In addition to IoT, Web3 technologies are a playground to cyber attacks.
The most prone industries
Experts have suggested that the supply chain to be the most exposed area to cyber-attacks. With the new normal as the Covid hit and the new Monkeypox pandemic, supply chains have become increasingly important in running the world. This became a marketplace for attackers and the recent ransomware threat had the prominent ambition of breaking down business supply chains asking for ransoms. Another threat presented was the work from home culture. While IT professionals could contain an attack to a workplace-based environment, no one possibly can predict all the scenarios happening at households, as individual security systems can be rather costly.
What are the authorities doing?
Matt Gorham, cyber and privacy innovation institute leader at PwC and former assistant director of the FBI’s Cyber Division said that the world is being pushed to a standstill geopolitical paradigm and that is because of the absence of norms and red lines in cyberspace. Therefore, there may be new legislation introduced to prevent certain internet-based crimes. For example, a large number of countries have decided to put an end to the ransomware attacks by banning any payment to ransomware terrorists. Legislation is actually a nice word, but the real question is how can a non-maintained, unmanaged space be tamed with laws. It might be like Hercules fighting the Immortal Hydra, who grows two heads per a single cut.
While some governments try hard to eliminate cyber-attacks, some support them. As an example, some of the early 2021 ransomware attacks were in fact traced back to North Korea.
Anyway, among the many odds, cybersecurity still stands stall and secures our technological marvels. Let’s see what the future presents.