Business, government and national security processes have been fundamentally transformed over the past decade. Around the world, these and other entities rely heavily on an interconnected IT infrastructure called cyberspace. It is no secret that the threat level in cyberspace has increased dramatically over the years. The results of a cyber attack can range from simple temporary inconvenience to financial or social disaster. The development of the Internet and computer technology has fundamentally changed and continues to change the centers of influence in the world and the methods of fighting for that influence. Specialized agencies of various countries master the methods of hacker groups and sometimes even actively cooperate with them, using their knowledge and skills, providing loyalty and protection in return.
Thanks to the expanding possibilities of the virtual space, today even small states with a weak military-industrial complex or organized (often terrorist) groups can exert a powerful influence on large social groups. So digital equality can lead to global social change, the strategic significance of which is largely underestimated. While the goals remain largely unchanged (money, power, knowledge, influence, etc.), the possibilities of achieving them have greatly increased. Thanks to the Internet, espionage, sabotage, propaganda, cybercrimes and even terrorist acts using cyberweapons are now possible. The absence of borders in cyberspace, as well as the openness and anonymity inherent in the foundation of Internet technology contribute to a significant increase in cyber attacks. And while it is now much easier, cheaper and faster to launch such attacks, the cost of defense is increasing manifold.
A command in a digital environment can travel around the earth in hundredths of a millisecond, but it can take days or even months to analyze that command, recognize the attack, and identify the attacker. And sometimes the technology used makes such identification impossible at all. Keep in mind that cybercriminals are always one step ahead, because every defense is designed as a response to an attack. While the defending side is working to defend against a particular vulnerability, cybercriminals are already developing new attack methods and improving their skills. So the most important thing will be how quickly defensive measures are taken and how adequate they can be to the threat.
So today the problem of cyber security is more serious than the vast majority of Internet users can imagine.
Here are just a few of the most interesting and alarming facts and trends in this area:
Electromagnetic hacking
Recently, researchers at Tel Aviv University were able to crack the secret key used to encrypt information on a computer without having physical access to it. They read electromagnetic waves emitted by a computer in another room behind a wall.
Affordability of technology. The sophisticated $500,000 devices that used to be built for the secret services to detect, spy on, and tap cell phones have become much more affordable. One of these devices (StingRay, Triggerfish, KingFish, AmberJack, Harpoon are similar devices) disguises itself as a mobile operator’s antenna, intercepting all conversations and SMS sent from a particular gadget. Today, cybercriminals can also use very compact versions of these devices, which are also priced in the $1,500 range, with all the attendant consequences.
Spy chips in hardware
Apple has long expressed concern that network equipment ordered from suppliers in the standard way is being altered in the delivery process. The company has reason to believe that additional chips and software products not intended by the manufacturer are being embedded in the equipment. Incidentally, Apple is not the first company to express concern about the actions of the U.S. National Security Agency (NSA) regarding illegal access to the company’s confidential information. In this regard, Apple, as well as other IT giants such as Google, Amazon, Microsoft and Facebook are planning to produce their own network equipment and servers.
Spy irons
Such electronic trading sites as Amazon and eBay sell electronic devices that are deliberately infected with special spyware (Trojans) that collect and send information to certain malicious servers. Moreover, not only CCTV- or web-cameras, network equipment, computers, etc. pose a danger, but also seemingly safe irons, coffee-makers, mixers and other items of our household, which have recently been massively outfitted with electronic components. It was found out that these devices connect to wireless networks and transmit to intruders photos, video, audio and other information about a potential surveillance victim gathered via hidden cameras and microphones.
Encrypting the victim’s disk
A scam based on infecting the victim’s computer with a virus (one example is Ransomware), which immediately begins encrypting the entire contents of the hard drive, thereby hiding information even from the victim himself, has recently become popular among cybercriminals again. Then a message appears on the computer screen stating that all the content is encrypted and the victim will have to pay a fee to access his or her files. Moreover, the payment must be made in electronic money (bitcoin) in order to make it harder to identify the intruders. Otherwise, all the content is permanently deleted.
Identity Theft
Another type of cyberbullying that has recently become widespread is Identity Theft. Its essence is the use of the victim’s personal data to commit fraudulent transactions. Personal data that can be used during identity theft may include credit card data, bank account numbers, passport data, date and place of birth, signature samples, telephone numbers, home address, information about family members and friends, etc. One of the most common methods of “identity theft” has become hacking and taking possession of corporate and social media accounts, as well as email accounts.
The response to today’s challenges in cyberspace should be a national cybersecurity strategy designed to protect the information space, so important to the economy, state, public and national security.
The need for a national cybersecurity strategy
It is necessary to recognize as a reality the fact that our society is largely dependent on the information and communication space and this dependence will only grow over time. The problem is that under the onslaught of modern technologies, which are cheap, easy to use and reliable, other alternatives of communications are gradually disappearing. And this increases the vulnerability of every country. And yet, modern society has no other way but to become the guarantor of security and availability of modern technology.
The concept of the Internet of Things (IoT – Internet of Things) is becoming a reality. The Internet connects everyone and everything through sensors and devices constantly worn by people (smartphones, microphones, GPS trackers, etc.). As government organizations and businesses become more and more information-intensive, personnel have access to vast amounts of sensitive information without being restricted by location or time. In addition, the availability and cheapness of mobile devices for recording large amounts of information (such as Flash Memory Cards) increases the risk of intentional or unintentional uncontrolled dissemination of important information.
The maintenance and development of the digital economy should be one of the top priorities of the modern state in ensuring the security of national cyberspace. The minimum requirements necessary for the development of the digital economy listed below are directly related to the security and predictability of the digital environment:
- A government that exists in a digital environment and supports that environment;
- an innovative industry and business that feels secure in the digital environment;
- a public that is digitally literate and active.
An open, reliable and secure cyberspace is one of the most important priorities of every state in today’s world. For this, it is important to have a clear strategic vision that precedes the development of a robust national security system in cyberspace. Cybersecurity is not a one-time measure, but an ongoing process of risk management with no end in sight.
Given the constant sophistication of the methods and approaches used by cybercriminals, securing cyberspace is an extremely difficult strategic task that requires coordinated efforts from the entire society, including central government, municipalities, the private sector and society at large. In doing so, a cybersecurity strategy must have a clear goal: to support a secure, resilient and reliable electronic operating environment that guarantees the security of the state and promotes the digital economy.
The requirements for a cybersecurity strategy can be formulated as follows:
- A cybersecurity strategy should act as a foundation for a clear understanding of the subject of security, to further develop and improve cybersecurity, making it consistent and feasible.
- The strategy should create a culture of security and help recognize the reality of growing risks.
- A cybersecurity strategy should focus not on combating the consequences of cyber attacks, but on preventing them or at least reducing their duration, as well as on minimizing the negative consequences of such attacks.
- Based on international experience, it is necessary to develop and implement a methodology for assessing the degree of security of national cyberspace.
- The scale and complexity of today’s challenges, as well as the severity of possible consequences, raise this issue to the level of national importance.
It is also necessary to take into account the fact that threats, challenges and related technologies are changing very rapidly, so it is almost impossible to predict the direction in which they will evolve. This makes it necessary to revise the security strategy every few years or even more frequently. Thus, existing security strategies must be adjusted to the new realities and must be flexible enough to react quickly in an ever-changing environment.