In the field of Information and Communication Technology (ICT), in the past 40 years, many of the same failures in cyber security design and programming have occurred repeatedly, whenever a new ICT innovation cycle has taken place.
Every major technological change has inextricably brought forth new threats to the end users in the society. However, it is also a fact that such threats are not hard to predict. History has been truth to this assertion. In the field of Information and Communication Technology (ICT), in the past 40 years, many of the same failures in cyber security design and programming have occurred repeatedly, whenever a new ICT innovation cycle has taken place. This is simply because developers and programmers fail to take into consideration previously identified cyber security lessons with each new ICT advancement cycle. Analyzing it in the perspective of future ICT cycles, one can very well say that future of cybercrime can be predicted, albeit roughly; especially where ICT technology is utilized in functional systems.
Furthermore, hackers, cyber criminals, cyber spies use ICT-based systems in an unauthorized manner by using techniques such as-
• Man in the middle attacks (attacks wherein the attacker relays and alters communication secretly between parties believing to be directly communication with one another) to wireless communication channels.
• Providing a backdoor using self-configuring hardware modules to an existing system/network. Example- Heartbleed virus.
• Default passwords.
• Insecurely managed ICT etc.
Thus, a careful analysis of above techniques is instrumental in understanding the next innovation areas in ICT wherein such security threats and attacks routes can possibly be seen. What future holds for cyber security can be explained sector-wise, as Sunny Vaghela, CEO of TechDefence Labs and Cyber Security Expert, explains these as follows-
1. Modern living:
Nowadays, we see digital TVs being connected to public networks and the internet. Being as productive as they may be, digital TVs with fast video processing engines also act as an attractive supply of processing power for cyber criminals, such as making them part of botnets. Furthermore, with increasing connectivity, digital TVs will soon become an open platform, making them the center of gaming, multimedia, and other digital services, thereby increasing the cyber security threats.
Apart from digital TVs, domestic robots are also gaining traction amongst the modern living enthusiasts. Currently, such domotics is used to monitor and change the temperature in home/office remotely. However, when these become more advanced to carry complex functions, just like the AI created by Mark Zuckerberg recently, they will become more prone to cyber security threats.
2. Health sector- ICT based systems today are used to monitor the health of people. Because of their wireless interface, insulin pumps and pacemakers are already vulnerable to cyber threats. Even a small glitch in the settings may have a life-threatening effect. Besides, medical equipment and health monitoring devices are connected to hospital’s core network. Insecure core networks are easily vulnerable to cyber-attacks.
3. Financial Sector- The continuing dependence on digital payments expose financial sector to a great risk from cyber threats. Near Field Communication or NFC chips offer a new type of authenticating technique to smartphone users which form the basis of contactless micropayments. Amazon recently introduced Amazon Go, which uses one of such techniques to automatically detect payments. It can, therefore, be expected that remote manipulation may be done to influence online payments.
4. Transport sector- The Electronic Control Units (ECU) of modern automobiles contain a large amount of code modules which monitor and control the sensors and activate the actuators like brakes and wipers. They are also responsible for lights and collision avoidance systems. However, network interfaces with public networks to provide you comfortable journey with varying features like emergency call services opens the car platform for a two- way communication and may expose it to cyber criminals.
5. Energy and Drinking water sectors- Use of smart meters and the interface between the utility grids (ex. power, gas, water etc.) also make them susceptible to misuse, such as illegal theft of electricity, pipeline bursts etc. Also, equipment needs to be prone to massive security upgrades in case of a failure in cyber security. In case cyber criminals find out a way to turn off the interface remotely, there must exist a backup system too, to avoid large-scale damage.
6. Smart Living- Smart appliances, such as smart fridges, washing machines, and dish wash washers are not made considering cyber security threats into account. With weak security, these smart appliances may be targeted to cause disruption through denial of service platform attacking via ICT systems. For instance, the attackers could provide false information to the grid on a massive scale remotely. Thus, how can the security of millions of smart appliances be managed, including their updates and licensing? It remains a major cyber security challenge.
In order to ensure that the future of cyber security is bright, individuals need to be educated in cyber security. Cybercrime investigators must be prepared to face emerging threats so that when need arises, they are ready to face them.
Stories by Bhavik Sarkhedi