What security systems are most effective now? How to protect information? Is there any vulnerability in today’s data security systems and how to improve their reliability? How safe (in terms of security) are modern devices (smart TV-sets, IoT devices, etc.)? These and other issues were discussed at the IDC Security Roadshow 2017, held in Kyiv, Ukraine, on February 17. The event was attended by the companies Trend Micro, Check Point Software Technologies, ESET, Qualsys, Lattelecom, Monti Group, etc. A mini-exhibition of security solutions was also organized as part of the forum.
As the Lattelecom pointes out, it is possible to protect any information, but ensuring “full-ranged” security will come at a price, which is hardly reasonable. Much more effective is, according to experts, to determine the very information to protect above all: commercial data (company’s business strategy, contracts, customer databases, discount policy, innovative projects), staff’s personal data, etc.
So, according to the Juniper Research, when the direct damage from hacking amounted to USD 400 billion in 2015, then this figure will grow fivefold in 2019, reaching USD 2.1 trillion.
The attempts to computerize our life have a good purpose to facilitate and speed up data collection and processing, and often to control devices remotely. But there are also negative aspects. For example, the centralized collection and analysis of consumed electricity data from energy meters is carried out remotely, and there is a chance for intruders to interfere and distort the data reliability, and even use devices for new attacks. The “smart home” devices with remote control (room heating or lighting, air conditioning, video monitoring, etc.) are also subject to a remote intervention. Therefore, the security of accessing such devices should require particular attention. The most illustrative example is a complete power supply blackout of several districts of the capital in early 2017, which once again proves the vulnerability of any information system.
There are quite enough hacking cases: from blocking guests in hotels to Internet broadcasting cut-off. If we recall recent international attacks, the most illustrative one is the MIRAI attack (my means of security cameras), which resulted in disconnecting one of the largest DNS-providers, which led to a temporary shutdown of web sites like Netflix, CNN, The Guardian, Twitter, etc.
Smart TV-sets are not an exception too. According to speakers, the system vulnerability reasons are not only the errors of programmers (especially when code fragments are made by different developers and it is hard to detect all the vulnerabilities), but also certain sequences of operations that were not anticipated or are strange in behaviour.
The companies usually do not pay attention to security problems until something happens. According to experts, the most effective driver for implementing an effective security system is to demonstrate the effects of cyberattacks (preferably real cases). Even if there are no secret data on a user device, this device can be used to attack other devices, servers and networks; it can jeopardize the company’s inherent security, including business processes, or illegal obtaining certain confidential data.
Since Ukraine actually lacks responsibility for hacking, the country is increasingly used as a test platform for hackers from different countries and for international attacks. And if so, then, according forum participants, it is useful to attract professionals from other countries to assist Ukraine in providing required security level. This, in turn, will also have a positive impact on other countries.
During the conference, there were discussed various issues, from the specifics of arranging cyber protection at different stages of incidents, up to an inadequate higher education system. As remarked by participants, the companies have to hire student volunteers oftentimes to train them for the corporate needs, although this is risky. A special attention is recommended by experts to pay to the ready binary code, especially when the software is distributed without its source code.
The leaks of important data do not occur suddenly, i.e. the attackers usually wait for an opportune moment, which takes some time.
The experts from companies-developers of antivirus solutions considered the potential of software and methods applicable in cases where a malicious code is unanalyzable. For example, when the steganography is applied to hide some code fragments.
The security situation can be the most representative in statistics. So, according to the Gartner, 95% of successful attacks might have been prevented if security systems were set up correctly.
The experts are especially concerned about the growing number of different devices worldwide. So, according to the exposed data, the number of connected devices will exceed 20 billion in 2020, and the number of connected devices will exceed the population of the Earth in 2017. The IoT devices (Internet of things), which were featured in the report of the Fortinet’s expert, are gaining more popularity of people. So, the “smart home” solutions are not just innovative devices and home opportunities, but also an option to save due to energy-saving technology (including room heating and lighting, indoor monitoring, etc.). At the same time, according to experts, 10% of organizations believe that the connected devices are safe, although it is really far from it. Nevertheless, 85% of global organizations have been considering, studying or implementing the IoT strategy.
However, the increasing number of such devices is followed by their growing vulnerability. Given the confirmed hacking of IoT light bulbs in one of the foreign universities, as well as hacking exposure of modern smart TV-sets, implying a possibility of further attacks, the problem requires an urgent solution. The experts recommend to segment networks and to assign specific access privileges to each device.
A particular threat is faced by industrial IoT devices (in health care or industrial facilities, etc.). Therefore, the Internet security units should pay a special attention to the malicious network traffic and any strange software.
The companies should be aware that security failures in any network may result in losing data, whether it is commercial information about the company’s activities or a video archive on a media server.
Summarizing the above, it can be stated that in the near future, the most vulnerable areas will remain energy, industry, and banking, i.e. the very areas, which are more procative to implement new solutions or run successful business. The number of such attacks will go on growing. The failure of IoT devices can have an extremely negative impact, from power supply blackout of industrial facilities or even the fire or flooding hazard in “smart houses”, up to the danger to patients’ life in health care facilities (failure of pacemakers, life support systems, etc.). Therefore, the security problem will remain one of the priorities for any company, and the cyberthreat prevention budgets will keep on enlarging.