Data Security: To Know Your Foe will be Half the Battle Won

What do a fish tank in a big corporate office, a baby monitor in a hospital and IoT devices have in common and makes them interesting for a hacker? It’s a million dollar question that may help you get a glimpse of a future where crime and technology are inevitably heading on a collision course and may require governments, corporate and individuals to develop better insights into the issue of cyber security to take important measures in order to keep the resulting casualty low.

Now getting back to the question, while the fish tank in a plush lobby of a corporate office is sitting duck of a cyber attack on the main office server which is hardly anticipated by the IT team which connected it with the Internet to monitor the tank’s temperature and oxygen levels to keep fish in good health, a baby monitor in a hospital and IoT devices could be used by a hacker to add more computing power to his evil design of breaching the main server of a bank to transfer millions of dollars into unknown accounts.

“Before we talk about the next solution to cyber security, it’s very important to understand the new trends in cybercrime because we have to know our enemy in order to defeat them,” says a cyber security expert working with tech giant Microsoft.

In the past two years, the number of cyber breaches has gone up exponentially. The Securus data breach, Mirai attack and the ATM Jackpotting attack, in which cyber criminals installed malicious software or hardware at ATMs to make the machines spit out huge volumes of cash on demand, have all taken place in a matter of 18 months or less.

In an unprecedented move, the yearly report by the US Intelligence that assesses security threat to the US, has for the first time since 70s not included nuclear attack as the top threat to US security. No prizes for guessing what replaced it as the top threat. Of course, it’s cyber attacks having great potential to cause unfathomable financial losses and damage to our sophisticated security systems.

Therefore, it becomes all the more important to know the next vector of cyber attacks, and for that it is wiser to think like a cyber criminal who is looking for new avenues to get into your system and bridge the data which is so important for the survival of your business organisation.

In India, where an ambitious plan to develop 100 smart cities under the Smart Cities Mission has been launched by the government, IoT forms the backbone of the smart infrastructure which is being created to improve lives of the people living in urban centres. Therefore, it is imperative that before we talk about the next solutions in cyber security space, we need to know our enemy, cyber criminals in this case.

Why IoT Devices need to be secured?

There are three reasons that attract cyber criminals target IoT devices. One, the IOT device is linked to some important functions like nuclear power, or some other critical infrastructure; Two, IOT devices like a fish tank is connected via the internet to the corporate IT department; Three, IoTs are small computers connected to the Internet and most of the time they are left unprotected. Now, if a hacker wants to carry out a digital attack, he or she needs a lot of computing power and usually they don’t like to pay for that. So what they do is that they steal it by hooking into a number of IoT devices to increase their computing power many fold.

Moreover, IoTs are not just those small devices at hospitals or other public places, but they also include connected cars and CCTV cameras and they are all a potential target of attack.

So, taking preemptive measures is not really an option any more. It is rather now a necessity to know our enemy and take all those measures that are needed to be taken to achieve the indemnity against cyber attacks.