Taking a byte out of cyber threats

February 12, 2022

Syllabus: General Studies Paper 3

Context

Cyber attacks may be a relatively new phenomenon, but in a short time frame have come to be assessed as dangerous as terrorism.

Cyber attacks in recent years:

The world was possibly made aware of the danger and threat posed by cyber weapons with the advent of theStuxnet Worm in 2010, which resulted in large-scale damage to Iran’s centrifuge capabilities.
Two years later, in 2012, abank of computers belonging to the Saudi Aramco Oil Company were targeted, reportedly by Iranian operatives, employing malware that wiped out data on 30,000 computers.
A few weeks later, Iranwas again believed to have been behind a targeted attack on the Qatari natural gas company, RasGas.
The string of instances appear to have provoked then United States Defence Secretary, Leon Panetta, to utter the warning that the world had to prepare for a kind of ‘cyber Pearl Harbour’,highlighting a new era of potential vulnerabilities.

Static response:

The West seemed to lose its way on how to deal with the emerging cyber threat. Each succeeding year, despite an increase in cyber threats, witnessed no change in the method of response.
While theWest focused on ‘militarization’ of the cyber threat, and how best it could win with its superior capabilities, valuable time was lost. It led to misplaced ideas and erroneous generalisations, resulting in a decade of lost opportunity.
In 2021, cyber attacks that attracted the maximum attention were SolarWindsand Colonial Pipeline in the U.S., but these were merely the tip of a much bigger iceberg among the string of attacks that plagued the world.
Estimates of the cost to the world in 2021from cyber attacks are still being computed, but if the cost of cyber crimes in 2020 (believed to be more than $1 trillion) is any guide, it is likely to range between $3trillion-$4 trillion.
What is not disputed any longer is that soon, if not already, cyber crime damage costs would become more profitable than the global trade of all major illegal drugs combined.

Sectors that are vulnerable

As 2022 begins, the general consensus is that thecyber threat is likely to be among, if not the biggest, concern for both companies and governments across the globe.
In the Information age, data is gold.Credential threats and the threat of data breaches, phishing, and ransomware attacks, apart from major IT outages, are expected to be among the main concerns.
Resultsare also likely to far eclipse the damage stemming from the COVID-19 pandemic or any natural disasters.
Alittle publicised fact is that the vast majority of cyber attacks are directed at small and medium sized businesses, and it is likely that this trend will grow.
According to experts, among the most targeted sectors in the coming period are likely to be: health care, education and research, communications and governments.
Health-care ransomwarehas been little publicised, but the reality is that ransomware attacks have led to longer stays in hospitals, apart from delays in procedures and tests, resulting in an increase in patient mortality.

Measures to check attacks

Far more than merely apportioning costs linked to cyber crime is the reality that no organisation can possibly claim to be completely immune from cyber attacks.
While preventive andreactive cyber security strategies are needed — and are essential to mitigate cyber risks — they are proving to be highly illusive in an increasingly hyper-connected world. Comprehending the consequences of this reality could be devastating.

Threats of Ransomware:

For instance, despite all talk about managing and protecting data, the reality is that ransomwareis increasing in intensity and is tending to become a near destructive threat, because there are many available soft targets. Statistics in this regard are also telling, viz., that new attacks are taking place every 10 seconds.
Apart from loss of data, what is also becoming evident is that ransomware criminalsare becoming more sophisticated, and are using ransomware to cripple large enterprises and even governments.
Talk of the emergence of ‘Ransomware as a Service’ (RaaS)— a business model for ransomware developers — is no mere idle threat.

Ever increasing risks:

Digitalization after Pandemic: A conservative estimate is that a rash of attacks is almost certain to occur on home computers and networks.
Atendency seen more recently to put everything on the Cloud could backfire, causing many security holes, challenges, misconfigurations and outages.
Furthermore, even asIdentity and Multifactor Authentication (MFA) take centre stage, the gloomy prognostication of experts is that Advanced Persistent Threats (APT) attacks are set to increase, with criminal networks working overtime and the Dark web allowing criminals to access even sensitive corporate networks.

Scant clarity

Cyber security experts appear to be floundering in finding proper solutions to the ever widening cyber threat.
Emerging cyber security technologies and protocolsintended to protect systems, networks and devices, but little clarity whether what is available can ensure protection from all-encompassing cyber attacks.
Technologygeeks, meanwhile, are having a field day, insisting on every enterprise incorporating SASE — Secure Access Service Edge — to reduce the risk of cyber attacks.
Additional solutions are being proposed such as CASB — Cloud Access Security Broker — and SWG — Secure Web Gateway— aimed at limiting the risks to users from web-based threats.
Constant references to theZero Trust Model and Micro Segmentation as a means to limit cyber attacks, can again be self-limiting.
Zero Trust does put the onus on strict identity verification ‘allowing only authorized and authenticated users to access data applications’, but it is not certain how successful this and other applications will prove to be in the face of the current wave of cyber attacks.
What is most needed is absent, viz., that cyber security experts should aim at being two steps ahead of cyber criminals. This is not evident as of now.

Way Forward

Misplaced attention around Cyber security has led to unique challenges. This situation needs to be reversed.
Adetailed study of the series of low- and medium-level proactive cyber attacks that have occurred during the past decade is clearly warranted.
It could reinforce the belief that when it comes to deterrence in cyber space, what is required is not a piece of ‘grand strategy’: low and medium tech, low and medium risk targeted operations could be just as effective.
A related aspect is toprevent individual companies from attempting their own tradeoffs — between investing in security and maximising short-term profits. What many companies and even others fail to realise is that inadequate corporate protection and defence could have huge external costs for national security, as was evident in the SolarWinds attack.
Defence and backup plans: Nations and institutions, instead of waiting for the ‘Big Bang cyber attack’, should actively prepare for a rash of cyber attacks — essentially ransomware — mainly directed at available data.
The emphasis should be on prioritising the defence of data above everything else. Consequently, law enforcement agencies would need to play a vital role in providing effective defence against cyber attacks.

Conclusion:

On the strategic plane, understanding the nature of cyber space is important. While solving the technical side is ‘one part of the solution, networks and data structures need at the same time to prioritise resilience through decentralised and dense networks, hybrid cloud structures, redundant applications and backup processes’. This implies ‘planning and training for network failures so that individuals could adapt and continue to provide service even in the midst of an offensive cyber campaign’.

The Hindu link

https://www.thehindu.com/opinion/lead/taking-a-byte-out-of-cyber-threats/article38414892.ece

Question- Cyber attacks in recent times have increases multifold. Explain. How can these be tackled by strengthening legislation, scrutiny and implementation of robust policies?