2020 was a year of benchmarks. Events unimaginable only months before were suddenly – and seemingly without warning – realised. Yet this is unlikely to be the end. Yes, we’ll discover a new normal, a new basis of being that blends the old with the new. But much of the change we’ve seen has been in the oven for years. The coronavirus pandemic didn’t start it. It accelerated it.
We’re headed into a decade of such change. Few could fathom in 2010 where we’d be in 2020. The same will be true of 2020 to 2030. With this change will come challenge – and, by meeting that challenge, growth.
There’s no doubt that modern networking has saved us throughout the past year. It means that though isolated, we aren’t alone. It means that people can continue to perform their jobs, and that companies can, much to their surprise, accommodate distributed workforces. Changes that once appeared canyon-wide – unfathomable leaps from at-work to at-home thinking – have proven much more palatable. We’ve been able to adjust and realign thanks to our modern networking capabilities. Now, however, that realignment pushes into focus a once-ancillary foe: that of cyber threats.
The threat of cyber security
Cyber threats are escalating. The SolarWinds attack of 2020, which targeted critical vaccine supply lines, may just be the beginning: the first of many such ambitious, state-sponsored campaigns. Even a new era of cyber warfare. Preparedness is first achieved by being aware, which begins through acknowledging the threat posed and accepting that whatever happens to another can also – and with sufficient time probably will – happen to you.
The increasing sophistication of hackers is undeniable, as is the rising number of state-sponsored attacks. We’ve seen such attacks from Russia, North Korea and China. Likely, there’s also been some reciprocation: a tit-for-tat power play by any number of international actors. Companies are being targeted not in isolation but at scale. The objective of state-sponsored attacks is usually mass disruption, either through compromising a system or leaking sensitive data.
Compromise of a single application can mean that every organisation using that application is also compromised. This year, we’ve spent a lot more time on our devices. Between 2019 and 2020, the number of Zoom corporate customers jumped 61%, whilst quarterly app downloads in the Google Play Store and Apple Store are at their highest.
Within each new personal or network application exists new vulnerability. The more we rely upon them, the more we expose ourselves to those who seek to leverage any undiscovered weakness.
A new era of cyber warfare
In her new book – This Is How They Tell Me the World Ends: The Cyberweapons Arms Race – the New York Times reporter Nicole Perlroth exposes the market of so-called “zero-day” weapons. She describes these weapons as “… a software or hardware flaw for which there is no existing patch.” Their name reflects their function. Zero-day weapons exploit bugs or other vulnerabilities that have yet to be detected, and for which there is no existing patch (the correlative implication being that developers have had zero days to produce a patch). In cyberwarfare, most damage is produced within the first day. Or even within the first moments. Preparedness is all, and a weapon that cannot be prepared for is the stuff of nightmares for network security managers.
The likes of Google publish bounties for white-hat hackers – those who hack not to disrupt but to rectify – to discover bugs in their systems. The marketplace of cyber warfare is a tug-of-war between what has been detected by a few but not others, and what is detected within sufficient time to patch the vulnerability.
In an era in which it’s easier to assume an acceleration of cyber activities before any cessation, network managers’ best defence is real-time detection and response: identifying attacks in their infancy and taking the appropriate corrective or mitigatory action. Solutions such as Scrutinizer or FlowPro by Plixer and ntop’s nBox Recorder or nProbe offer real-time insight into network traffic through the collection and analysis of context-rich metadata. Alerts can be set on thresholds, performance drops or types of traffic. As soon as an attack begins, you’ll be better prepared to notice changes in traffic and, if necessary, close off network connections to affected applications.
Now more than ever, network connections are the lifeblood of our modern lives. To sever them, even to disrupt, can have disastrous consequences. Blindness is a lost connection away. Against the unforeseeable, our best defence lies within solutions that detect and help us respond to the unforeseen – as it occurs. The future of cyber security is troubling. But, through technology such as MI and AI, it’s far from lost.
For more information on how to protect your network against cyberattacks, or the solutions discussed here, contact us today.