Published earlier by The Mobility Hub of UBM Techweb
INTERNET OF THINGS OPENS A PANDORA’S BOX OF CYBER-
ATTACKS
BY KISHORE JETHANANDANI
M2M devices had an isolated existence in industrial plants, utilities,
hospitals, transportation and smart buildings and security from cyber-
attacks was not a concern. As Application Programming Interfaces
expose M2M devices to the larger world of the Internet, their ubiquity is
haunting the IT world with the prospect of pervasive and catastrophic
cyber-attacks that will affect sensitive industrial controls and medical
devices. Worse, a security breach could cause physical harm.
Protection of the Internet of Things is fraught with unique challenges
especially because the software is embedded in the hardware device
and is wrapped up with the core of the intellectual property. It is often
not possible to patch and update embedded software remotely and
continuously to keep it safe without disassembling the hardware at the
risk of downtime and damage to the interconnected software. Some
protocols like Modbus are not designed to secure against intrusions.
Hardware manufacturers are wary of revealing the vulnerabilities of the
software lest the information spill to malware developers or the source
code find its way to competitors.
The paradigm that guided security management of the Internet of
devices, using downloadable software, is rife with flaws that are hard to
repair with known methods of security management. Authentication
plays a vital role when humans use devices. By contrast, M2M devices
are remotely controlled by another instrument. Similarly, log file and
event monitoring, a wealth of information for detecting anomalies that
point to intrusion, is not known to work well with the Internet of
Things.
“M2M is a booming industry, and hardware manufacturers are pre-occupied
with selling devices while users are only beginning to realize the
importance of third-party security specialists to remotely monitor
security,” Spencer Cramer, President and CEO of Ei3 Corporation in New
York told us. “Access to the source code of the embedded device
controllers is needed to integrate with security software,” he informed
us. His company has been in the business of securing M2M devices for
the last fifteen years and specializes in the few verticals that are already
governed by standards. “We have developed a hundred custom drivers
to integrate with the embedded software where standards are absent,”
he revealed to us.
“Economic disincentives dissuade hardware manufacturers from taking
preventive measures before security risks snowball into disasters,”
Andrew Jaquith, Chief Technology Officer and Senior Vice President of
Cloud Strategy at Silversky told us. “Manufacturers do not internalize
the social costs of security breaches due to the absence of liability for
damages, the lack of compulsion to disclose them and the lack of
standards,” Mr. Jaquith explained to us. “Bugs are much cheaper to fix in
the early stages and companies like Codenomicon have the technology
to test for their presence,” he revealed (according to him, he does not
have business relations with the company).
The Internet of Things has opened a Pandora’s box of new challenges in
Internet security. A new, system-wide strategy is needed to cope. The
widespread ramifications of this new world of security threats need to
be grasped quickly before a possible tsunami of cyber-threats has
cataclysmic effects.
Virtual Counter-intelligence: On the offense against cyber-warfare
By Kishore Jethanandani
Cyber-security is a misnomer as state-sponsored agents wage war-like
cyber-attacks. The lexicon of cyber-security is increasingly drawing on
the metaphors of physical war, decoys, stalking horses, and counter-
espionage, to describe the offensive means to disrupt hostile intrusions
before they strike their targets.
Deception is common in physical warfare, behind the scenes, as
aggressors seek to mislead their enemies so that they are unable to foil
an attack. The countdown to the defeat of Germany in World War II
began with the Allied forces throwing wool on the surveillance eyes of
their enemies—Hitler was led to believe that an attack was looming in
Pas de Calais and not Normandy. The then newly developed radio
communications technology enabled the Allied forces to transmit pre-
programmed messages, ostensibly originating from diplomatic and
intelligence sources that could be inferred to be an imminent landing at
Pas de Calais. Allied forces had time to sneak across the English Channel
without being routed by forces positioned favorably on land at an
elevation.
Electronic signals can help create illusions to sucker intruders into
mistaking stalking horses for the targets they are seeking. In an earlier
article, we had discussed the vulnerability of control systems of utilities
and other physical facilities, as M2M connects to the Internet, which can
be hijacked by cyber-criminals and manipulated to harm them. For
example, criminals could alter water temperatures so that generators
are not cooled. Cyber-criminals, however, do not have visibility into the
sensors feeding analog data of electrical signals communicating with
control systems. A way to hoodwink cyber-criminals is to feed sensor
data from shell facilities. The nature of the interaction with them will
expose their intentions without doing any damage to the facilities.
Some companies are now specializing in active defense strategies for
trapping cyber-criminals before they reach their target. Datasoft, for
example, creates a cyber-smokescreen with virtualized instances of the
network machines, actually in use, or “honeypots” masquerading as
sources of valued information like login information. Cyber-criminals
are more likely to tamper with the wrong virtual machine and betray
their intentions. Jumpsoft creates a Winchester House-like maze of
shifting virtual systems where a blind alley is hard to distinguish from
the real. Cyber-criminals will recognize the high probability of a trap
and factor that into their risk perceptions.
Active cyber defense techniques are becoming more common as
defensive methods are proving to be increasingly ineffective against
attackers covering their tracks outside and inside the networks of their
victims. Google, for example, followed the footprints of its attackers and
determined them to be agents of the Chinese government. The trail led
to servers in Taiwan where proprietary information from a host of
American corporations was found and eventually led to Chinese
Government sources. One recent survey found that 36 percent of 180
companies surveyed were using offensive techniques against cyber-
criminals—defensive methods have been found to be ineffective with
only 6 percent able to trace the source of attacks.
The rapid increase in applications usage across a broader variety of
mobile devices, networks, and operating systems exposes companies to
an ever-rising risk of cyber-attacks. As the number of users increases,
the higher is the likelihood of inadvertent errors that expose IT systems
to an intrusion. The future is for security systems that can anticipate
and pre-empt cyber crimes.
The specter of pervasive sky-jacking
By Kishore Jethanandani
The countdown to an era of commercial drones has begun with the FAA
approving the first of the six tests for their business use. So compelling
are the applications of drones in remote locations, such as navigating
the perilous snows of the Arctic for shipping companies and the
downside of cyber-security is apparently so minimal that their business
case is seemingly irrefutable.
Cyber-security risks will keep regulators on tenterhooks as they test the
air for drones. Eventually, they want regulations to create a safe
environment for mass adoption of drones in densely populated areas
where the risk of a catastrophe is very high. Intrusion into drones could
potentially have the same devastating effects as the one in the Air
Spain passenger airplane which prevented the alert system from
reporting a system failure and led to its horrific crash. Drones will also
extend the reach of the internet into the far corners of the world and
expose them to the cyber-security risks common in more densely
populated regions.
The cyber-security hell of the future is the hijacking of swarms of
drones. Hackers have shown that any one of these drones, once sky-
jacked, can create a potential entry point for penetrating every other of
its peers in the vicinity. Insecure Wi-Fi connections, with their
unencrypted signals, leave the door open for hackers to take control.
They can then begin to use the hijacked drone as a command center that
would be able to instruct every other of its peers to do its bidding
including engagement in criminal or war-like activity. The GPS
sensors that guide the movement of unmanned aerial vehicles can be
spoofed to redirect them at will.
Drones have the technological wherewithal to be a network node, a
wireless tower in the skies, and have the ability to intercept signals from
mobile devices as was recently demonstrated in London. They can
masquerade as one of the networks that mobile devices are calling to
connect and unsuspecting users will unwittingly send their private
information to them. As growing numbers of drones loom over mobile
devices, they will have the ability to hijack mobile devices on an
increasing scale.
Drones will inexorably grow in numbers and to prevent their expansion
will be no more practical than it would be for commercial aircraft.
Flying commercial aircraft on auto-pilot is barely distinguishable from a
drone. In fact, some hackers demonstrated a lab-scale version of the
remote hijacking of commercial aircraft with mobile devices including
the ability to spin them in the sky in the manner of a game!
Reliable cyber-security, in such an environment, would need a mastery
of all the protocols, platforms and applications, and the diversity of
operating systems of devices in use all across the system and its
continuous monitoring. It is hard to conceive a system of this size
managed with methods designed for enterprise networks. More likely
their security management will be akin to the heterogeneous telecom
networks with distributed intelligence. Drones will contribute more
complexity with their movements aided by sensors.
The progression of drone use from its early adoption in the military to
remote area commercial applications and widespread use in urban
areas will likely hinge on the successful design of a distributed network
with layers of cyber-security driven by big data. Each sub-system will be
as homogenous as possible with distinct groups of experts managing
each one of them.
Cyber-detectives on the trail of cyber-criminals
By Kishore Jethanandani
Cyber-security in the Enterprise is caught in a dangerous time warp—
the long-held assumption that invaluable information assets of
companies can be cordoned off within a perimeter, protected by
firewalls, no longer holds. The boundaries are porous with many access
points available to a mobile and distributed workforce, and partners’
networks, with remote access rights to corporate data via the cloud.
Mobile endpoints and their use of the cloud for sharing corporate data
have been found to be the most vulnerable conduit that cyber-criminals
exploit for launching the most sophisticated attacks (advanced
persistent threats) intended to steal intellectual property. Ponemon
Institute’s survey of cyber-security attacks, over twenty-four months,
found that 71 percent of companies reported that endpoint security
risks are the most difficult to mitigate. The use of multiple mobile
devices to access the corporate network was reported to be the highest
risk with 60 percent reporting so. Another 50 percent considered the
use of personal mobile devices for work-related activity to be the
greatest exposure. The second most important class of IT threats was
perceived to be third-party cloud applications with 66 percent
reporting so. The third most significant IT risk of greatest concern was
reported to be Advanced Persistent Threats.
In an environment of pervasive vulnerabilities, enterprises are learning
to remain vigilant about anomalous behavior pointing to an impending
attack from criminals. “Behavioral patterns that do not conform to the
usual rhythm of daily activity, often concurrent with large volumes of
traffic, are the hallmarks of a cyber-criminal,” Dr. Vincent Berk, CEO and
co-founder of Flowtraq, a Big Data cyber-security firm that specializes in
identifying behavioral patterns of cyber-criminals, told us. “A tell-tale
sign of an imminent cyber attack is unexpected network reconnaissance
activity,” he informed us. Human beings need to correlate several clues
emerging from the data analysis before drawing conclusions because
criminals learn new ways to evade surveillance.
Enterprises now recognize the importance of learning to recognize the
“fingerprints” of cyber-criminals from their behavior. A 2014 survey by
PricewaterhouseCoopers found that 20 percent of the respondents see
security information and event management tools as a priority and an
equal number see event correlation as a priority. These technologies help to
recognize behavioral patterns of cyber-criminals.
“Scalability of Big Data solutions to identify the behavior of cyber-
criminals is the most daunting challenge,” Dr. Vincent Berk told us. “We
extract data from routers and switches anywhere in the pathway of data
flows in and out of the extended enterprise,” he explained to us. “The
fluidity of enterprise networks today with increasing virtualization and
recourse to the cloud makes it challenging to track them,” he informed
us. “Additionally, mergers and acquisitions add to the complexity as
more routers and switches have to be identified and monitored,” he
explained to us.
Dr. Berk underscored the importance of avoiding false positives which
could lead to denial of access to legitimate users of the network and
interruption of business activity. “Ideally, we want to monitor at a more
granular level, including the patterns of activity on each device in use,
and any departures from the norm to avoid false positives,” he told us.
The filter of human intelligence is still needed to isolate false positives.
“Granular monitoring is more accurate and has uncovered sophisticated
intruders who hide inside virtualized private networks (VPNs) or
encrypted data flows,” Dr. Berk revealed to us. Often, these
sophisticated attackers have been there for years unnoticed. “The VPNs
and the encryption are not cracked, but the data is analyzed to
understand why they are in the network,” Dr. Berk explained to us.
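The per-device baselining described above, as an added example that is not part of the original article and is not FlowTraq's code: it scores each device's fan-out (distinct destination host and port pairs per time window) against that device's own history, next to a single network-wide threshold that raises a false positive. The flow records, addresses, window numbering and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import median


def build_flows():
    """Constructed flow records: (window, src, dst, dst_port, bytes)."""
    flows = []
    services = [("10.0.0.10", 443), ("10.0.0.11", 445), ("10.0.0.12", 53)]
    for w in range(6):  # windows 0-5 form the history
        # A workstation that normally talks to two or three services.
        for dst, port in services[: 2 + w % 2]:
            flows.append((w, "10.0.1.23", dst, port, 4000))
        # A monitoring server that polls about 40 hosts in every window.
        for h in range(40 + w % 3):
            flows.append((w, "10.0.0.5", f"10.0.2.{h}", 161, 300))
    # Window 6 is the one under test.
    for h in range(41):
        flows.append((6, "10.0.0.5", f"10.0.2.{h}", 161, 300))
    for h in range(30):  # the workstation suddenly touches 30 hosts
        flows.append((6, "10.0.1.23", f"10.0.2.{h}", 445, 120))
    return flows


def fan_out(flows):
    """Count distinct (dst, port) pairs per source device per window."""
    seen = defaultdict(lambda: defaultdict(set))
    for window, src, dst, port, _nbytes in flows:
        seen[src][window].add((dst, port))
    return {s: {w: len(p) for w, p in wins.items()} for s, wins in seen.items()}


def global_threshold_alerts(counts, current, limit=25):
    """One limit for the whole network: simple, but blind to device roles."""
    return sorted(s for s, c in counts.items() if c.get(current, 0) > limit)


def per_device_alerts(counts, current, history, k=5.0, min_history=4, floor=3.0):
    """Flag a device only when it departs from its own norm.

    Uses median and MAD so that one odd window in the history does not
    distort the baseline. `floor` keeps very steady devices from alerting
    on a change of one or two connections.
    """
    alerts = []
    for src, c in counts.items():
        past = [c[w] for w in history if w in c]
        if len(past) < min_history:
            continue  # no baseline yet; leave new devices to an analyst
        base = median(past)
        mad = median([abs(x - base) for x in past])
        spread = max(1.4826 * mad, floor)
        now = c.get(current, 0)
        score = (now - base) / spread
        if score > k:
            alerts.append((src, now, base, round(score, 1)))
    return sorted(alerts)


if __name__ == "__main__":
    counts = fan_out(build_flows())
    print("global threshold:", global_threshold_alerts(counts, current=6))
    print("per-device      :", per_device_alerts(counts, 6, history=range(6)))
```

The network-wide limit flags the monitoring server along with the workstation, while the per-device baseline flags only the workstation, whose fan-out is far outside its own history.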
Cyber-security will increasingly be a battle of wits between intruders
and the victims. Big Data analysis notwithstanding, cyber-criminals will
find new ways to elude their hunters. The data analysis will provide
clues about the ever changing methods used by cyber-criminals and
means to guard against their attacks. The quality of human intelligence
on either side will determine who wins.
HTML5’s Private view
By Kishore Jethanandani
Mobile devices make their transition from personal devices to intimate
devices with HTML5. They can now potentially see, hear and sense the
world of smartphone users aided by APIs that open the doorways to the
cameras, microphones and the sensors in mobile devices. The cross-
platform capabilities of HTML5 also enable virtual peeping toms,
stalkers, and spies to snoop into the private world of smartphone users
while covering their tracks.
Sensors like accelerometers, gyroscopes, and compasses, commonly
embedded in mobile devices, can record motion as well as its direction and
slope. This data can help to determine the pathway of the user using
applications built on HTML5 for mobile devices. Using cross-site
scripting and JavaScript, hackers can remotely gain access to the data.
Applications like Highster Mobile have been used to keep track of
movements of cheating spouses to verify their stories.
Remote tracking of mobile devices does not necessarily have the dark
motives of cyber-criminals. They are also widely used to track teenagers
and their risky behaviors with mobile devices. Location Labs now sells
the FamilyBase plan for alerting parents when their teenage children
are texting and driving. While intrusive, these kinds of applications can
even improve safety.
HTML5, designed for bandwidth efficiency, is used for real-time, cross-
platform, multi-user, interactive streaming applications that need
persistent connections for the transmission of small bits of data for
content like stock price updates. A typical use case is the trading
platform created by Interactive Brokers for day traders and hedge
funds. Users receive real-time quotes with charts on an iPad and other
mobile devices. The diversity of mobile devices calls for a cross-
platform solution that HTML5 can provide but not native applications.
WebSocket, one of the platforms within HTML5, saves bandwidth use by
processing multiple requests for content with a single persistent
connection with minimal security overheads (the headers that
accompany every packet of data transmitted). By contrast, polling
makes multiple requests for content in real-time with traditional HTTP.
Similarly, several data streams flow in opposite directions with a single
connection. Since multiple data streams flow on a single connection,
WebSockets also open the way for distributed denial of service attacks
that are hard to control without the benefit of security overheads
commonly used with TCP connections.
Deep Content Inspection is the alternative method for securing
networks when multiple streams of data are flowing without the packet
security headers to filter for malware. This approach examines the
content inside packets to look for signs of criminal activity including
inspection of addresses and URLs of applications to ensure they are not
coming from disreputable sources. Additionally, the content flows are
parsed to uncover any lurking malicious intent that might be harmful to
the receiving servers.
HTML5 is indispensable in the emerging world of browser-to-browser,
data-rich multi-media communications prone to traffic spikes.
Cumbersome security inspection methods will impede new
applications. The alternative is to look for identifiers that are giveaways
of criminal activity. Security management will need to get a lot more
intelligent to be consistent with the needs of today’s applications.
New Age Cybersecurity

2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 

New Age Cybersecurity

Published earlier by The Mobility Hub of UBM Techweb

INTERNET OF THINGS OPENS A PANDORA’S BOX OF CYBER-ATTACKS
BY KISHORE JETHANANDANI

M2M devices had an isolated existence in industrial plants, utilities, hospitals, transportation and smart buildings, and security from cyber-attacks was not a concern. As Application Programming Interfaces expose M2M devices to the larger world of the Internet, their ubiquity is haunting the IT world with the prospect of pervasive and catastrophic cyber-attacks that will affect sensitive industrial controls and medical devices. Worse, a security breach could cause physical harm.

Protection of the Internet of Things is fraught with unique challenges, especially because the software is embedded in the hardware device and is wrapped up with the core of the intellectual property. It is often not possible to patch and update embedded software remotely and continuously to keep it safe without disassembling the hardware at the risk of downtime and damage to the interconnected software. Some protocols like Modbus are not designed to secure against intrusions. Hardware manufacturers are wary of revealing the vulnerabilities of the software lest the information spill to malware developers or the source code find its way to competitors.

The paradigm that guided security management of the Internet of devices, using downloadable software, is rife with flaws that are hard to repair with known methods of security management. Authentication plays a vital role when humans use devices. By contrast, M2M devices are remotely controlled by another instrument. Similarly, log file and event monitoring, a wealth of information for detecting anomalies that point to intrusion, are not known to work well with the Internet of Things.

“M2M is a booming industry, and hardware manufacturers are preoccupied with selling devices while users are only beginning to realize the importance of third-party security specialists to remotely monitor security,” Spencer Cramer, President and CEO of Ei3 Corporation in New York, told us. “Access to the source code of the embedded device controllers is needed to integrate with security software,” he informed us. His company has been in the business of securing M2M devices for the last fifteen years and specializes in the few verticals that are already governed by standards. “We have developed a hundred custom drivers to integrate with the embedded software where standards are absent,” he revealed to us.

“Economic disincentives dissuade hardware manufacturers from taking preventive measures before security risks snowball into disasters,” Andrew Jaquith, Chief Technology Officer and Senior Vice President of Cloud Strategy at Silversky, told us. “Manufacturers do not internalize the social costs of security breaches due to the absence of liability for damages, the lack of compulsion to disclose them and the lack of standards,” Mr. Jaquith explained to us. “Bugs are much cheaper to fix in the early stages and companies like Codenomicon have the technology to test for their presence,” he revealed (according to him, he does not have business relations with the company).

The Internet of Things has opened a Pandora’s box of new challenges in Internet security. A new, system-wide strategy is needed to cope. The widespread ramifications of this new world of security threats need to be grasped quickly before a possible tsunami of cyber-threats has cataclysmic effects.

Virtual Counter-intelligence: On the offense against cyber-warfare
By Kishore Jethanandani

Cyber-security is a misnomer as state-sponsored agents wage war-like cyber-attacks. The lexicon of cyber-security is increasingly drawing on the metaphors of physical war, decoys, stalking horses, and counter-espionage, to describe the offensive means to disrupt hostile intrusions before they strike their targets.

Deception is common in physical warfare, behind the scenes, as aggressors seek to mislead their enemies so that they are unable to foil an attack. The countdown to the defeat of Germany in World War II began with the Allied forces pulling the wool over the surveillance eyes of their enemies: Hitler was led to believe that an attack was looming in Pas de Calais and not Normandy. The then newly developed radio communications technology enabled the Allied forces to transmit pre-programmed messages, ostensibly originating from diplomatic and intelligence sources, from which an imminent landing at Pas de Calais could be inferred. Allied forces had time to sneak across the English Channel without being routed by forces positioned favorably on land at an elevation.

Electronic signals can help create illusions to sucker intruders into mistaking stalking horses for the targets they are seeking. In an earlier article, we discussed the vulnerability of control systems of utilities and other physical facilities, as M2M connects to the Internet, which can be hijacked by cyber-criminals and manipulated to harm them. For example, criminals could alter water temperatures so that generators are not cooled. Cyber-criminals, however, do not have visibility into the sensors feeding analog data of electrical signals communicating with control systems. A way to hoodwink cyber-criminals is to feed sensor data from shell facilities. The nature of the interaction with them will expose their intentions without doing any damage to the facilities.

Some companies are now specializing in active defense strategies for trapping cyber-criminals before they reach their target. Datasoft, for example, creates a cyber-smokescreen with virtualized instances of the network machines actually in use, or “honeypots” masquerading as sources of valued information like login information. Cyber-criminals are more likely to tamper with the wrong virtual machine and betray their intentions. Jumpsoft creates a Winchester House-like maze of shifting virtual systems where a blind alley is hard to distinguish from the real. Cyber-criminals will recognize the high probability of a trap and factor that into their risk perceptions.

Active cyber defense techniques are becoming more common as defensive methods are proving to be increasingly ineffective against attackers covering their tracks outside and inside the networks of their victims. Google, for example, followed the footprints of its attackers and determined them to be agents of the Chinese government. The trail led to servers in Taiwan where proprietary information from a host of American corporations was found and eventually led to Chinese Government sources. One recent survey found that 36 percent of 180 companies surveyed were using offensive techniques against cyber-criminals; defensive methods have been found to be ineffective, with only 6 percent able to trace the source of attacks.

The rapid increase in applications usage across a broader variety of mobile devices, networks, and operating systems exposes companies to an ever-rising risk of cyber-attacks. As the number of users increases, so does the likelihood of inadvertent errors that expose IT systems to an intrusion. The future is for security systems that can anticipate and pre-empt cyber crimes.
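The "shell facility" idea above can be made concrete on the defender's side. The following is an added example, not code from the article or from any vendor it names: it assumes the decoy speaks Modbus/TCP (the protocol the first article mentions) and that its request log is available as raw bytes; the source addresses and register values are constructed.

```python
import struct
from collections import defaultdict

# Standard Modbus function codes, grouped by what they reveal about the caller.
READ_CODES = {1, 2, 3, 4}        # read coils / discrete inputs / holding / input registers
WRITE_CODES = {5, 6, 15, 16}     # write single or multiple coils / registers

def build_request(tid, unit, func, data):
    """Frame a Modbus/TCP request (used here only to construct sample input)."""
    pdu = bytes([func]) + data
    return struct.pack("!HHHB", tid, 0, len(pdu) + 1, unit) + pdu

def parse_request(adu):
    """Parse the 7-byte MBAP header, the function code and the target address."""
    if len(adu) < 8:
        raise ValueError("too short for MBAP header plus function code")
    _tid, proto, length, unit = struct.unpack("!HHHB", adu[:7])
    if proto != 0 or length != len(adu) - 6:
        raise ValueError("not a well-formed Modbus/TCP frame")
    addr = struct.unpack("!H", adu[8:10])[0] if len(adu) >= 10 else None
    return {"unit": unit, "func": adu[7], "addr": addr}

def summarize(captures):
    """Tally, per source, what each caller tried to do to the decoy."""
    report = defaultdict(lambda: {"read": 0, "write": 0, "other": 0,
                                  "malformed": 0, "written_addrs": []})
    for src, adu in captures:
        try:
            req = parse_request(adu)
        except ValueError:
            report[src]["malformed"] += 1
            continue
        if req["func"] in WRITE_CODES:
            report[src]["write"] += 1
            report[src]["written_addrs"].append(req["addr"])
        elif req["func"] in READ_CODES:
            report[src]["read"] += 1
        else:
            report[src]["other"] += 1
    return dict(report)

def verdict(stats):
    """No legitimate client talks to a decoy, so any contact is a finding;
    a write shows intent to change the process, not just to look at it."""
    if stats["write"]:
        return "manipulation attempt"
    return "reconnaissance"

# Constructed sample: requests logged by a decoy controller (documentation IPs).
SAMPLE = [
    ("198.51.100.7", build_request(1, 1, 3, struct.pack("!HH", 0x0000, 10))),
    ("198.51.100.7", build_request(2, 1, 4, struct.pack("!HH", 0x0000, 4))),
    ("203.0.113.9",  build_request(1, 1, 3, struct.pack("!HH", 0x0010, 1))),
    ("203.0.113.9",  build_request(2, 1, 6, struct.pack("!HH", 0x0010, 95))),
    ("203.0.113.9",  b"\x00\x01\x00\x00"),   # truncated frame
]

if __name__ == "__main__":
    for src, stats in summarize(SAMPLE).items():
        print(src, verdict(stats), stats)
```

Because the decoy controls nothing, the write to register 0x0010 is recorded as evidence of intent without any effect on a real process.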
The specter of pervasive sky-jacking
By Kishore Jethanandani

The countdown to an era of commercial drones has begun with the FAA approving the first of the six tests for their business use. So compelling are the applications of drones in remote locations, such as navigating the perilous snows of the Arctic for shipping companies, and the downside of cyber-security is apparently so minimal that their business case is seemingly irrefutable.

Cyber-security risks will keep regulators on tenterhooks as they test the air for drones. Eventually, they want regulations to create a safe environment for mass adoption of drones in densely populated areas where the risk of a catastrophe is very high. Intrusion into drones could potentially have the same devastating effects as the one in the Air Spain passenger airplane, which prevented the alert system from reporting a system failure and led to its horrific crash. Drones will also extend the reach of the internet into the far corners of the world and expose them to the cyber-security risks common in more densely populated regions.

The cyber-security hell of the future is the hijacking of swarms of drones. Hackers have shown that any one of these drones, once sky-jacked, can create a potential entry point for penetrating every other of its peers in the vicinity. Insecure Wi-Fi connections, with their unencrypted signals, leave the door open for hackers to take control. They can then begin to use the hijacked drone as a command center that would be able to instruct every other of its peers to do its bidding, including engagement in criminal or war-like activity. The GPS sensors that guide the movement of unmanned aerial vehicles can be spoofed to redirect them at will.

Drones have the technological wherewithal to be a network node, a wireless tower in the skies, and have the ability to intercept signals from mobile devices, as was recently demonstrated in London. They can masquerade as one of the networks that mobile devices are calling to connect, and unsuspecting users will unwittingly send their private information to them. As growing numbers of drones loom over mobile devices, they will have the ability to hijack mobile devices on an increasing scale.

Drones will inexorably grow in numbers, and preventing their expansion will be no more practical than it would be for commercial aircraft. Flying commercial aircraft on auto-pilot is barely distinguishable from a drone. In fact, some hackers demonstrated a lab-scale version of the remote hijacking of commercial aircraft with mobile devices, including the ability to spin them in the sky in the manner of a game!

Reliable cyber-security, in such an environment, would need a mastery of all the protocols, platforms and applications, and the diversity of operating systems of devices in use all across the system, and its continuous monitoring. It is hard to conceive a system of this size managed with methods designed for enterprise networks. More likely their security management will be akin to the heterogeneous telecom networks with distributed intelligence. Drones will contribute more complexity with their movements aided by sensors.

The progression of drone use from its early adoption in the military to remote area commercial applications and widespread use in urban areas will likely hinge on the successful design of a distributed network with layers of cyber-security driven by big data. Each sub-system will be as homogeneous as possible, with distinct groups of experts managing each one of them.

Cyber-detectives on the trail of cyber-criminals
By Kishore Jethanandani

Cyber-security in the Enterprise is caught in a dangerous time warp: the long-held assumption that invaluable information assets of companies can be cordoned off within a perimeter, protected by firewalls, no longer holds. The boundaries are porous with many access points available to a mobile and distributed workforce, and partners’ networks, with remote access rights to corporate data via the cloud.

Mobile endpoints and their use of the cloud for sharing corporate data have been found to be the most vulnerable conduit that cyber-criminals exploit for launching the most sophisticated attacks (advanced persistent threats) intended to steal intellectual property. Ponemon Institute’s survey of cyber-security attacks, over twenty-four months, found that 71 percent of companies reported that endpoint security risks are the most difficult to mitigate. The use of multiple mobile devices to access the corporate network was reported to be the highest risk, with 60 percent reporting so. Another 50 percent considered the use of personal mobile devices for work-related activity to be the greatest exposure. The second most important class of IT threats was perceived to be third-party cloud applications, with 66 percent reporting so. The third most significant IT risk was reported to be Advanced Persistent Threats.

In an environment of pervasive vulnerabilities, enterprises are learning to remain vigilant about anomalous behavior pointing to an impending attack from criminals. “Behavioral patterns that do not conform to the usual rhythm of daily activity, often concurrent with large volumes of traffic, are the hallmarks of a cyber-criminal,” Dr. Vincent Berk, CEO and co-founder of Flowtraq, a Big Data cyber-security firm that specializes in identifying behavioral patterns of cyber-criminals, told us. “A tell-tale sign of an imminent cyber attack is unexpected network reconnaissance activity,” he informed us. Human beings need to correlate several clues emerging from the data analysis before drawing conclusions because criminals learn new ways to evade surveillance.

Enterprises now recognize the importance of learning to recognize the “fingerprints” of cyber-criminals from their behavior. A 2014 survey by PricewaterhouseCoopers found that 20 percent of the respondents see security information and event management tools as a priority and an equal number see event correlation as a priority. These technologies help to recognize behavioral patterns of cyber-criminals.

“Scalability of Big Data solutions to identify the behavior of cyber-criminals is the most daunting challenge,” Dr. Vincent Berk told us. “We extract data from routers and switches anywhere in the pathway of data flows in and out of the extended enterprise,” he explained to us. “The fluidity of enterprise networks today with increasing virtualization and recourse to the cloud makes it challenging to track them,” he informed us. “Additionally, mergers and acquisitions add to the complexity as more routers and switches have to be identified and monitored,” he explained to us.

Dr. Berk underscored the importance of avoiding false positives, which could lead to denial of access to legitimate users of the network and interruption of business activity. “Ideally, we want to monitor at a more granular level, including the patterns of activity on each device in use, and any departures from the norm to avoid false positives,” he told us. The filter of human intelligence is still needed to isolate false positives.

“Granular monitoring is more accurate and has uncovered sophisticated intruders who hide inside virtualized private networks (VPNs) or encrypted data flows,” Dr. Berk revealed to us. Often, these sophisticated attackers have been there for years unnoticed. “The VPNs and the encryption are not cracked, but the data is analyzed to understand why they are in the network,” Dr. Berk explained to us.

Cyber-security will increasingly be a battle of wits between intruders and the victims. Big Data analysis notwithstanding, cyber-criminals will find new ways to elude their hunters. The data analysis will provide clues about the ever-changing methods used by cyber-criminals and means to guard against their attacks. The quality of human intelligence on either side will determine who wins.

HTML5’s Private view
By Kishore Jethanandani

Mobile devices make their transition from personal devices to intimate devices with HTML5. They can now potentially see, hear and sense the world of smartphone users, aided by APIs that open the doorways to the cameras, microphones and the sensors in mobile devices. The cross-platform capabilities of HTML5 also enable virtual peeping toms, stalkers, and spies to snoop into the private world of smartphone users while covering their tracks.

Sensors like accelerometers, gyroscopes, and compass, commonly embedded in mobile devices, can record motion as well as its direction and slope. This data can help to determine the pathway of the user using applications built on HTML5 for mobile devices. Using cross-site scripting and JavaScript, hackers can remotely gain access to the data. Applications like Highster Mobile have been used to keep track of movements of cheating spouses to verify their stories.

Remote tracking of mobile devices does not necessarily have the dark motives of cyber-criminals. Such applications are also widely used to track teenagers and their risky behaviors with mobile devices. Location Labs now sells the FamilyBase plan for alerting parents when their teenage children are texting and driving. While intrusive, these kinds of applications can even improve safety.

HTML5, designed for bandwidth efficiency, is used for real-time, cross-platform, multi-user, interactive streaming applications that need persistent connections for the transmission of small bits of data for content like stock price updates. A typical use case is the trading platform created by Interactive Brokers for day traders and hedge funds. Users receive real-time quotes with charts on an iPad and other mobile devices. The diversity of mobile devices calls for a cross-platform solution that HTML5 can provide but not native applications.

WebSocket, one of the platforms within HTML5, saves bandwidth use by processing multiple requests for content with a single persistent connection with minimal security overheads (the headers that accompany every packet of data transmitted). By contrast, polling makes multiple requests for content in real-time with traditional HTTP. Similarly, several data streams flow in opposite directions with a single connection. Since multiple data streams flow on a single connection, WebSockets also open the way for distributed denial of service attacks that are hard to control without the benefit of security overheads commonly used with TCP connections.

Deep Content Inspection is the alternative method for securing networks when multiple streams of data are flowing without the packet security headers to filter for malware. This approach examines the content inside packets to look for signs of criminal activity, including inspection of addresses and URLs of applications to ensure they are not coming from disreputable sources. Additionally, the content flows are parsed to uncover any lurking malicious intent that might be harmful to the receiving servers.

HTML5 is indispensable in the emerging world of browser-to-browser, data-rich multi-media communications prone to traffic spikes. Cumbersome security inspection methods will impede new applications. The alternative is to look for identifiers that are giveaways of criminal activity. Security management will need to get a lot more intelligent to be consistent with the needs of today’s applications.
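To show what inspecting content on a single persistent connection involves, here is an added example (not from the article or any product it mentions) that parses RFC 6455 WebSocket frames, reassembles fragmented messages and checks the URLs they carry. It assumes the inspector sees the stream in cleartext, for instance at a TLS-terminating proxy; the size limit, the denylisted host and the sample traffic are constructed.

```python
import re
import struct
from urllib.parse import urlsplit

# Constructed policy values for this sketch; tune them to the application.
MAX_MESSAGE_BYTES = 4096
DENYLISTED_HOSTS = {"malware.example"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+")

def make_frame(payload, opcode=0x1, fin=True, key=b"\x11\x22\x33\x44"):
    """Build a masked client frame (only to construct sample input)."""
    head = bytes([(0x80 if fin else 0) | opcode])
    if len(payload) < 126:
        head += bytes([0x80 | len(payload)])
    else:
        head += bytes([0x80 | 126]) + struct.pack("!H", len(payload))
    return head + key + bytes(b ^ key[i % 4] for i, b in enumerate(payload))

def parse_frames(buf):
    """Yield (fin, opcode, payload) for each complete RFC 6455 frame in buf."""
    pos = 0
    while len(buf) - pos >= 2:
        fin, opcode = bool(buf[pos] & 0x80), buf[pos] & 0x0F
        masked, length = bool(buf[pos + 1] & 0x80), buf[pos + 1] & 0x7F
        pos += 2
        if length in (126, 127):                 # extended payload length
            size = 2 if length == 126 else 8
            if len(buf) - pos < size:
                return
            length = int.from_bytes(buf[pos:pos + size], "big")
            pos += size
        key = buf[pos:pos + 4] if masked else b""
        pos += len(key)
        if (masked and len(key) < 4) or len(buf) - pos < length:
            return                               # truncated capture: stop cleanly
        payload = buf[pos:pos + length]
        pos += length
        if masked:                               # client frames are XOR-masked
            payload = bytes(b ^ key[i % 4] for i, b in enumerate(payload))
        yield fin, opcode, payload

def inspect_stream(buf):
    """Reassemble messages from frames and return a list of findings."""
    findings, message = [], b""
    for fin, opcode, payload in parse_frames(buf):
        if opcode >= 0x8:      # control frames (close, ping, pong) carry no message data
            continue
        message += payload     # opcode 0x0 continues the message begun by 0x1/0x2
        if not fin:
            continue
        if len(message) > MAX_MESSAGE_BYTES:
            findings.append("message exceeds size limit")
        else:
            text = message.decode("utf-8", errors="replace")
            for url in URL_RE.findall(text):
                host = (urlsplit(url).hostname or "").lower()
                if any(host == d or host.endswith("." + d) for d in DENYLISTED_HOSTS):
                    findings.append("denylisted host: " + host)
        message = b""
    return findings

# Constructed sample: one clean message, then a URL split across two fragments
# with a ping in between, which per-frame matching would not see.
SAMPLE = (
    make_frame(b'{"quote": "ACME 101.5"}')
    + make_frame(b'{"img": "http://cdn.malw', fin=False)
    + make_frame(b"", opcode=0x9)
    + make_frame(b'are.example/a.js"}', opcode=0x0)
)

if __name__ == "__main__":
    print(inspect_stream(SAMPLE))
```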