The need for protection in a digital worldPablo Rodríguez Canfranc
The 12th May, 2017 marks a milestone in Internet history. The WannaCry cyber attack, which also goes under the names of WannaCryptor, weCry, WannaCrypt or WeCryptor, reaches more than 200,000 targets in more than 150 countries, wreaking havoc of unprecedented breadth. The terrible success harvested by the creators of WannaCry reveals how vulnerable companies are on networks and particularly we ourselves, the private users. Basically, the virus encrypted the files of the user's computer by converting them to a format that had the extension WNCRY and demanding a rescue to retrieve the information, and thus gave its name to this form of computer sabotage: ransomware.
However, cyberattacks are not an occasional phenomenon, but rather continuous over time. As an example, in the week of September 24th to October 1st, 2017, there were almost 60 million computer attacks worldwide.
Apart from WannaCry, in October 2016 another major attack occurred that massively affected users of services like Twitter, Amazon, Tumblr, Reddit, Spotify, Paypal and Netflix. In this case, it was MiraiBotnet, a malware that used the Internet of Things (IoT) to attack a network server through a Distributed Denial of Service (DDos). It is easy to intuitively understand the mechanics of the attack. The virus used thousands of devices called the Internet of Things (IP-cameras, home routers...) to get these to launch web server requests and bring it down by saturation due to excess demand. In September, they did so against the security blog of journalist Brian Krebs, Krebson Security, and later in October, attacked the infrastructure of DNS of the infrastructure provider Dyn. According to security firm BitSight Technologies, about 14,500 domains that used Dyn's services fled the company immediately after the attack.
Spain is not lagging far behind in the field of cybercrime. According to the Security and Industry Incident Response Centre (CERTSI), in the first half of 2017, this agency has dealt with 69,644 cybersecurity incidents in our country.
of these, 67% are related to equipment infection through malicious programmes that can damage the operating system or other devices (malware), followed by unauthorized access (15%) and fraud (11%). They complete the list of malicious spam This is still alive in the network thanks to social engineering, denials of service, scans of networks and systems and attempts to steal information.
CYBERSECURITY LAGS BEHIND THE TECHNOLOGY
The fact that more and more of our lives are spent on networks, through online work, leisure or the business we do on the Internet, makes us increasingly vulnerable to hackers. In addition to the above, the vertiginous technological advances we are experiencing today makes cybersecurity always lag behind in providing solutions seeing currently means that new threats appear every day.
Each new emergent technological scenario brings with it new challenges related to network security.
A recent publication by Fundación Telefónica, Ciberseguridad on the protection of information in a digital world, reviews the current threats to individuals and companies in areas such as cloud computing, big data or the applications that cheerfully installed on our mobile devices.
This heads the list of situations of computer vulnerability in a trend This is gradually permeating working environments, which is known in English as Bring Your Own Device (BYOD). This is the product of the progressive disappearance of the barriers between the personal and professional spheres of company employees, in that they carry out tasks associated with their job anywhere, and no longer necessarily only in the office. Increasingly, this implies that they use their own and non-corporate devices -mainly portables and smartphones- with the consequent cost savings for companies and a considerable increase of productivity, besides the flexibility and comfort that results from professional being able to work anywhere.
Despite the advantages of this work model, there are numerous dangers from the cybersecurity perspective, since devices outside the company, when accessing corporate networks, can let certain traces of personal information fall in the hands of third parties. Uncontrolled and unrestricted access to company systems can become a gateway for a malware entry. In addition, BYOD involves the coexistence of a large number of operating systems and different versions, a diversity This is difficult to manage in computer areas and which can often involve security loopholes.
HIGH-RISK BIG DATA
Another major risk factor is cloud computing, which involves working on networks instead of locally. Both storing information and running programmes and applications is now transferred to the cloud, that is to say, to platforms on networks. This way of managing and storing data entails numerous security-related risks, such as loss of control over the use of cloud infrastructures, lack of data and application security during migration to another supplier, isolation failures, problems in verifying security external certifications or poor quality of the services of the cloud company, or the exposure that management of the interfaces through Internet involves.
In the case of big data, the storage and processing of huge amounts of data is a security risk, since leaks or information theft can have significant legal and reputational effects for an organization. Another risk factor is the possibility of using big data tools for covertly or overtly criminal purposes. We have to bear in mind that these are systems capable of managing and structuring huge amounts of information and that, applied to our activity on the Internet, can reveal absolutely everything about ourselves simply by compiling the clues and traces that we leave behind while navigating. For example, this includes our comments on social networks, purchases we make on the web, our searches on Google or the places we go, we mention only a few.
The Internet of Things (IoT) is one of the great bets of the present for the future. The ability to connect all kinds of objects to each other allows us to imagine smart everything: smart environments: smart cities, smart homes, smart schools and smart vehicles. Internet-related applications of things will become so common in our daily lives that much sensitive personal information could be accessible to third parties if there is not adequate protection. IoT is also used to perform Distributed Denial of Service (DDos) attacks on web servers, using objects on the Internet to block a server. Hackers can create armies of millions of zombie devices -sensors, security cameras, routers...- that obey the order to flood requests on a website until it exceeds its capacity of response.
Another aspect treated in Fundación Telefónica's report is the industrial Internet, also known as Industry 4.0, a philosophy that implies not only the automation of the activity carried out by many of the machines and even entire production processes, but also the incorporation of a certain intelligence, so that they can interact with the environment in a more autonomous way and are able to adapt directly to situations and changes, without human intervention.
EVERY MONTH, 40,000 NEW APPS ARE LAUNCHED
Attacks against industrial installations are not new, but the fundamental aspect of the industrial Internet lies in the integration of traditional physical production systems with the computer systems that monitor these processes, which have come to be called cyberphysical systems (CPS).
In this case the objective in terms of cybersecurity is to protect the different layers or surfaces that make up the system (communications, hardware, software) so that there are no vulnerabilities.
Currently, applications or apps are the preferred way for users to connect to the network from mobile devices. To assess its importance, we should take into account that 90% of Internet connection time through mobile devices is intended for their use, and that each month about 40,000 new apps are launched on the market. The main cyber threat in this case is the ability of these programmes to collect personal and behavioural data, which makes them a focus of possible leakage of information that affects the privacy of the user. We should add that its global character conflicts with the different privacy protection laws that exist in different countries, and particularly between areas of the world with openly different approaches to the degree of privacy protection that has to be guaranteed to general public, such as the United States and the European Union.
Artificial Intelligence is perhaps the greatest revolution we are facing in the short and medium term. However, there are already voices -including the founder of Tesla Elon Musk and the physicist Stephen Hawking- who warn of the danger to humanity of the lack of control over intelligent systems. The occurrence of an unintended or desired effect in an artificial intelligence algorithm is not uncommon. Last year, Microsoft had to withdraw its chatbot, or conversational robot, Tay because it had begun making offensive racist statements on Twitter and in different chats. Tay was scheduled to chat with users, he could tell jokes or comment on the photographs it received, but it could also personalize its interactions with humans by answering their questions. The fact is that, when they went on the network, the netizens taught it to be racist through the conversations they had with it.
It is not that the artificial intelligence system is not well designed and developed, but rather it has acquired what can be called "bad habits". Roman V. Yampolskiyi classifies these types of malfunctions into two categories: "mistakes made during the learning phase" and "mistakes made during the operating phase".
Finally, one of the key aspects in the field of cybersecurity is related to digital identity, or the projection of the user in the networks, that starts with the fragmentation and dispersion of their personal information in different places of the Internet. This often makes it impossible to control our personal information in cyberspace and it may be used by third parties without our consent. Consequently, frauds related to identity are as varied and as diverse as human imagination allows.
The complexity of tackling digital identity, both legally and technologically, means that within the numerous security solutions, it is particularly important to take into account the design of systems, services and applications right from the very beginning, to that the same design incorporates all issues relating to identity and privacy. And of course, the most significant thing is the awareness of the users of aspects associated with their digital identity and the implications related to vulnerability, to prevent potential problems related to this.