Cyber World Growth 2021 – Using Intelligent Crime Technique
Published on: Friday 05-02-2021
By: Editorial Team
A new normal of cybersecurity architecture will emerge as a potential business for anti-virus companies, predicts Jasbir Singh.
When a cyber-attacker tries to gain unauthorised entry to a server, system or digital network in order to steal information, to disrupt performance by hacking the system and bringing it under the attacker’s control, or for other malicious reasons, it is categorised as cyber-espionage. A cyber-attack is carried out remotely by someone who has not been authorised by the organisation or system owner and who has not been given rightful access to change server settings or manipulate data. It is a deliberate attempt by an individual or organisation with malicious intent to breach the information system of another organisation or individual. The attacker usually seeks some type of benefit from disrupting the target network. There are two types of cyber-attacks: one where a system is hacked to take over control, and the other where the organisation does not even realise that its system has been hacked to steal data. Cyber-crime has recorded a sharp increase every year as attackers try to benefit from the information of vulnerable businesses. Protection against cyber-crime costs companies a huge amount every year.
According to media reports, India is ranked 11th worldwide in the number of cyber-attacks caused by servers hosted in the country. A statement issued by the chairman of the DRDO mentions ‘a number of SMEs and MSMEs (micro, small and medium enterprises)’ being nurtured by the DRDO, as these supply small components to subsystems for its projects. He added that scientists should focus on next-generation needs, including cybersecurity, space and artificial intelligence.
Cyber-attacks can be performed in many different ways, with attackers infiltrating servers, IT systems and communication networks, mostly using similar techniques.
Common types of cyber-attacks and network vulnerabilities
Malware: This is malicious software, including spyware, ransomware, viruses and worms. Malware breaches a network through a link or email attachment, which then installs the malicious software in the system. It blocks access to key components of the network, obtains information from the hard drive (spyware), and disrupts the system until it becomes inoperable.
Phishing: This is carried out by sending fraudulent communications through email. The intention is to steal sensitive data such as credit card and login information, or sometimes to install malware on the target machines.
Denial-of-service attack: This floods the target systems, servers or networks with unwanted traffic to exhaust resources and bandwidth. The attacker thereby makes the system unstable, which in turn causes legitimate user requests to be denied.
SQL injection attack: In this attack, the cyber-attacker inserts malicious SQL code into the server through a website search box. The aim is to extract information that the injected SQL code causes the server to reveal.
DNS tunnelling attack: This sends HTTP and other protocol traffic over DNS. Outbound traffic is disguised as DNS, concealing data that is typically shared through an internet connection. It is used for command and control call-backs from the attacker’s system to a hacked system.
Cross-site scripting (XSS) attacks: These are similar to SQL injection attacks, but instead of extracting data from a database, the injected code is used to infect other users who visit the site. An example is the comments section on a webpage.
‘Drive-by download’ attacks: These involve malicious code being downloaded onto a user’s computer without the user’s knowledge when the user visits a website or fills in a form received from an unknown source. Once downloaded, the malicious code is used by the attacker to steal passwords or financial information stored on the computer.
AI-powered attacks: Artificial intelligence can be used to launch sophisticated cyber-attacks, using AI-powered botnets of slave machines to perform a huge DDoS attack. AI-powered software is able to learn the best approach and adapt its attack methodology accordingly and automatically.
IIoT-based attacks: IIoT devices are generally less secure than most modern operating systems, which have inbuilt firewalls. The internet of things combined with AI is a relatively new concept in cybercrime; how cyber-criminals will use it to exploit IoT devices, and what the methodology, impact and eventual outcome will be, is yet to be known.
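A defender-side illustration of the DNS tunnelling entry above, added here and not part of the original article: tunnelled data tends to appear in resolver logs as many distinct, long, random-looking subdomains under one base domain. The log format, the `tunnel-sim.test` domain, the function names and the thresholds are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample resolver log: "<time> <client> <qname> <qtype>".
SAMPLE_LOG = """\
10:00:01 10.0.0.5 www.example.com A
10:00:02 10.0.0.5 mail.example.com MX
10:00:03 10.0.0.7 cdn.example.net A
10:00:04 10.0.0.9 mzxw6ytboi2gk3tdn5sgk4ramfzwk3tuebqxe2lo.tunnel-sim.test TXT
10:00:05 10.0.0.9 nbswy3dpeb3w64tmmqqho2lunbqxg5dfon2gk4q7.tunnel-sim.test TXT
10:00:06 10.0.0.9 orugkidrovuwg2zamjzg653oebtg66bankxw24dt.tunnel-sim.test TXT
10:00:07 10.0.0.9 j5ygk3rao5uxi2banfxgo3dfebuw4idumvzxi2lo.tunnel-sim.test TXT
"""

def shannon_entropy(s):
    """Bits per character of the string's own character distribution."""
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def split_qname(qname):
    """Return (subdomain, base domain) for a query name."""
    # Assumption: base domain = last two labels; real deployments should
    # use the Public Suffix List (e.g. for names under co.uk).
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def domain_stats(log_text):
    """Collect the unique subdomains seen per base domain and summarise them."""
    subs = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines rather than guessing
        sub, base = split_qname(fields[2])
        if sub:
            subs[base].add(sub)
    mean = lambda xs: sum(xs) / len(xs)
    return {b: {"unique": len(n), "mean_len": mean([len(x) for x in n]),
                "mean_entropy": mean([shannon_entropy(x) for x in n])}
            for b, n in subs.items()}

def flag_tunnelling(log_text, min_unique=3, min_len=30, min_entropy=3.5):
    """Flag base domains with many distinct, long, high-entropy subdomains."""
    # Thresholds are illustrative assumptions; tune them on your own traffic.
    return sorted(b for b, s in domain_stats(log_text).items()
                  if s["unique"] >= min_unique and s["mean_len"] >= min_len
                  and s["mean_entropy"] >= min_entropy)

if __name__ == "__main__":
    print(flag_tunnelling(SAMPLE_LOG))  # ['tunnel-sim.test']
```

Aggregating per base domain matters here: a single long hostname is common in benign traffic, while a steady stream of unique ones under the same domain is not.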
New malware variants
Growth in cyber industry
From 2021 onwards, Covid-19 will continue to affect human lives, societies and businesses, and the current pandemic will change the behavioural patterns of businesses as the year progresses. We need to be prepared for a series of ‘Next Normals’ and respond readily to those changes. Covid-19 will continue to dominate national and international news, with vaccine developments, the vaccination of a larger share of the population, and new national restrictions that may at times be applied in some parts of the world.
Cyber-attacks may continue to disrupt remote learning activities over the coming months and year. With mass ‘Work From Home’ practices and increased digital transformation in 2020, cybersecurity has become a major factor in creating a safe environment for remote working. More attacks may occur on home computers and local networks, with cybercriminals using home offices as potential crime hubs by taking advantage of unpatched systems or architecture weaknesses. The global pandemic has forced industry into remote working, where employees operate their systems beyond the protection of the corporate firewall. The Covid pandemic forced almost every organisation to work in changed conditions and maintain productivity even in a changing environment. IT and IT security challenges will most likely persist throughout 2021. Cybersecurity will now become a major business differentiator.
Trend and targets
According to news reports, the large number of mergers and acquisitions started by big companies internationally during the pandemic will apparently cause network complexity issues and integration problems, which will be devastating for cyber teams. The theft of company data during these transactions before it is encrypted, and malware threats targeting the functioning of organisations, might create further problems.
Against the backdrop of Covid-19 setbacks, a series of lockdowns internationally, economic decline, sluggish industrial growth, the collapse of small businesses, and pay cuts for employees due to the poor performance of businesses, the number of cybercriminals is sure to surge as many skilled people explore alternative employment. With the increased digitisation of industries and government and public services, the online presence of municipal services and utilities will become more vulnerable to attacks by cybercriminals. This will create more opportunities for cross-agency cyber-attacks and assaults on government functions and on the public support systems that implement them.
Use of advanced technologies
Ransomware will become more advanced and sophisticated with the availability of 5G systems, making it technically capable of targeting vulnerable networks easily. Cybercriminals will continue to engage hackers and employ APT (Advanced Persistent Threat) techniques, sparingly probing the network of the target organisation to locate its most vulnerable and most valuable systems, hijack administrator accounts, and launch simultaneous cyber-attacks using standard admin tools. APT attacks will be widely accessible to hackers from criminal networks.
The sheer number of security alerts about potential threats is difficult for individuals and professionals to handle alone. Automation and AI built on machine learning help security analysts separate the most urgent alerts from an ocean of data and prompt instant remedial action to guard against threat profiles.
Cybercriminals using machine learning techniques will target new customers, namely those with more tempting product marketing campaigns; the banking giants, however, use machine learning algorithms in their network and server supervisory systems to instantly identify known and novel security threats as they appear. AI and machine learning security tools will grow in sophistication and capability, both for identifying anomalies and for automatically raising effective countermeasures at the same time. This technique will be used by antivirus software companies to detect viruses and kill them instantaneously.
Globally, APT-capable cybercrime groups will continue to grow, and we will find more and more new cyber actors that can attack companies, small or large, in various industrial sectors. For the new normal of Covid-19, a new normal of cybersecurity architecture will emerge as a potential business for anti-virus companies. AI-based automation will steer networks and servers, and a security-first approach to system architecture will emerge.
A few anticipated cyber challenges in 2021 for enterprises include:
1. Remote workplace security
2. Risk-based analysis & vulnerability management
3. Extended detection and response (XDR)
4. Cloud security aspect management
5. Controls for seamless cloud application
6. Domain-based message authentication (DMARC)
7. Secure & riskless authentication with no password.
Jasbir Singh is an Automation Expert with experience in Factory Automation and Line Automation in a large production house. He is an Implementation Strategist, Business Coach and a regular writer on automation, AI, robotics, digital technology, network communication, IIoT, wireless communication, blockchain and the use of advanced digital technology. Jasbir has a long association with industry, advising on improving factory automation in production lines to raise productivity in India and overseas, and on transforming them into digital platforms through the use of AI.