Cyber Security

 

Jun 30, 2016 posted by Dr. Anand R. Prasad, NEC Corporation, Japan Comments

DOI: 10.13052/popcas005 | Read[291]

This article was supposed to be the first one to lay grounds on the purpose of this blog. Already we had a few very valuable articles published in the meantime but still, allow me to present you with some background and basic thoughts

Today cyber security has become a layman's term but if you look back, you see that barely a decade back the term security (in information and communication technology or ICT) was a word used and understood only by a handful. Since then technology has moved fast, becoming integral part of our lives thus making it essential for everyone to understand about security. This brings us to the purpose of the blog which is to make everyone aware about cyber security by bringing the knowledge to the society at large. To achieve this goal, we will cover a wide range of topics that relates to cyber security. Having said that, we probably should first define what cyber itself is. Well, in very simple terms cyber is the interconnectivity of devices, including computers, and communication between them as well as between people. Communication can be by wireless or wired means, end-point could be a devices or human being usually using some application. Here device is anything with computing power and that means a whole lot!

Fact is that digitization has increased the pace of enhancement in technology, thereby leading to increased connectivity; literally everything will be connected in near future. Just look around you in your home and you will see that everything has computing power and is or can be "connected". It is normal for TVs, printers, entertainment devices and even cleaning robots to be connected - these devices are not only accessible by WiFi in your home but also from anywhere you have connectivity. Thus everything becomes a part of the "cyber" or "cyber world". With this I hope I have also dispelled that cyber is not a "cloud" very often shown in figures but it is connectivity of computers, smartphones, tablets and literally any "thing" (including cars) around us. This in turn means that security of the cyber world is ever important as successful attacks does not only have impact on devices in use but also can have direct impact on lives of people - this brings us to cyber security.

Note: "vulnerability", "threats" and "attacks" are peppered around in this article. Let me clarify what I mean by these: vulnerability is a weakness that can be exploited while threat is potential of exploitation of the vulnerability and attack is where someone successfully exploits the vulnerability. There are several other basic security terminologies but we do not need them in this article, they might be covered in due course in this blog.

Cyber security is required because of the security threats in the cyber world. As we now understand cyber, we also understand that the threats (leading to attacks) are real. Now, what are these threats? Why are these threats realized as attacks? Well, let's start with an analogy.

You have a house with something important that you want to keep safe. How do you do it? First solution is to lock all entrances with a key, but then the lock could be broken or the key could be copied by the thief or the thief might enter by breaking a window (assuming you have closed all windows :). The solution now is to have alarms but then it depends on where and what type of alarms are put and if appropriate precaution is not taken, the thief could still enter through a window (or an unlocked door). Even if you have taken appropriate precautions, in due course the thief might find a way to enter by observing some weakness (exploit a vulnerability). Otherwise what might also happen is that you add an extension to your house and while doing so, due to negligence or simply being human, security might not be provisioned to the level in the rest of the house thus leading to potential entrance for the thief.

All this happens in cyber world as well. Devices or networks are not appropriately secured, not updated when new security issues are identified or use / changes in use or situation leads to new threats and thus attacks.

It is obvious that networks get attacked if not appropriately protected, e.g. firewall, or even when appropriate protection is there, the setting is not done properly, e.g firewall allows services known to have vulnerabilities. Even if the network is well protected, say firewall and other safeguards are appropriately set, users in the network might access a given website that has software for download with malware. This malware can now reside in a trusted device of the network going unobserved. Solution to such malware would be to install monitoring and control mechanism in the devices and/or in the network that can identify potential attacks and perform appropriate control against the attack. Obviously all these protections will fail if the solutions are not updated with newly found security issues or with patches if security issues are found in protection mechanism in use.

This is valid for communication protocols, say a protocol with known vulnerability, e.g. given version of Secure Socket Layer or SSL, is used; attackers can exploit the vulnerability (your with some vulnerability allowing thief to get in). Same issue happens with operating systems or any software or application (apps in smart devices) in use that have known vulnerabilities and are not updated to secure version.

Change in use and scenario can also lead to security implications (like extension to house). Say a device is hard-coded with a given cryptographic algorithm for encryption that is cracked overtime. The device might stay in use as the algorithm cannot be updated while it is known that the device is prone to attack.

Then there are other issues where the attacker identifies certain security vulnerabilities not known before this is known as the zero day attack.

In brief, cyber threats exists and thus cyber-attacks happen often due to weakness of system or network design or usage of not secure protocols / applications / software or simply due to negligence, e.g. use of simple passwords. Attack could be done by insider, disgruntled employee (insider), or outsider like someone looking for monetary benefits, someone just looking for fun, criminals or even state sponsored. All this has huge impact on our society and impacts in terms of dollar - there are several examples, like Ransomware attacks that are becoming common, attack on Saudi Aramco and Sony, Stuxnet type attacks and several others. Common issues of our society, e.g. bullying, now appear in the cyber world but with much bigger implications!

With this I hope that the article brings some clarity regarding cyber security and its importance. As you have already seen, the blog will cover a wide variety of aspects regarding cyber security to help everyone understand the issue. We invite you to join us, discuss in the forum and bring your own thoughts regarding this essential topic to our society today.
Comments