Vladimir S. Ovchinsky, Vice-President of the Union of Criminalists and Criminologists
Yury N. Zhdanov, President of the International Police Association Russian Section
The World Economic Forum on the major problems of cybersecurity
According to the analysts of the World Economic Forum, cyber risks continue to be among the major global risks. The COVID-19 pandemic has accelerated the adoption of technology. It has also exposed the vulnerability and unpreparedness of cyberspace either, at the same time exacerbating technological inequalities within and between societies.
The World Economic Forum (WEF) proposed a list of five major cybersecurity issues that world leaders should consider and address in 2021.
1. More complex cybersecurity challenges
Digitalization is increasingly affecting all aspects of our lives and industries. We are seeing rapid adoption of Machine Learning and Artificial Intelligence tools, as well as a growing reliance on software, hardware and cloud infrastructure.
The complexity of digitalization means that governments are engaged in various battles – from ‘fake news’ to influence elections to cyberattacks on critical infrastructure, including healthcare systems.
The new landscape has triggered a wave of sophisticated fifth-generation cyberattacks. As organizations have adapted to working remotely, cybercriminals have taken advantage of the global crisis to launch a series of large-scale cybercrimes.
Cyberattacks take various forms, ranging from international espionage to massive hacking of personal information and disruption of the Internet. Advanced counter-hacking tools have been lacking.
Large-scale multi-vector mega-attacks have created a need for integrated and unified security structures.
Most businesses still operate within second- or third-generation security, which only protects against viruses, application attacks and payload delivery. Networks, virtualized data centers, cloud environments and mobile devices remain unprotected. To ensure the cybersecurity of the organization, enterprises need to move to the fifth-generation security: advanced threat prevention, which uniformly prevents attacks on the entire IT infrastructure of the enterprise.
SolarWinds Hack is an incident that quickly gained the title of the most significant attack of the year. This was a manifestation of a fifth-generation cyberattack.
The scale of the incident became clearer when Microsoft, FireEye, SolarWinds and the US government were attacked. That became possible by the hacking of SolarWinds, an IT management software. Further investigation revealed that the attackers added the Sunburst backdoor to a component of the SolarWinds system that provided remote access to several well-known organizations, making it one of the most successful attacks on the supply chain.
The effect of the SolarWinds attack was uniquely strong: it affected about 18,000 SolarWinds customers, including most of the Fortune 500 companies.
COVID-19 has forced organizations to move quickly to provide secure remote connectivity on a large scale for their employees. At the same time, 71% of security professionals reported an increase in cyber threats since the start of the blockages.
A recent Check Point study shows that healthcare is currently the most targeted industry for cybercriminals in the US: the number of attacks by early 2021 increased by 71% compared to September. The chart below shows a sharp increase in the number of attacks on the health sector compared to global growth; since November, the number of attacks in this sector has increased by more than 45%, which is twice the global increase in the number of attacks over the same time period (22%). As a result, attacks on remote access technologies such as Remote Desktop Protocol (RPD) and VPN increased in 2020.
Schools and universities have switched to large-scale use of e-learning platforms, so perhaps unsurprisingly, this sector has experienced a 30% increase in weekly cyberattacks.
The blurred line between digital and physical domains indicates that countries and organizations will only be safe if they include the functions, principles and fundamentals of cybersecurity that are necessary for all organizations, especially those with valuable assets.
2. Disparate and complex rules
Cybercriminals do not stop at the borders of countries and are not subject to different jurisdictions. Meanwhile, organizations need to navigate both the growing number and the ever-increasing complexity of domestic regulations in different countries.
Privacy and data protection standards are necessary, but they can also create fragmented and sometimes conflicting priorities and costs for companies, which can weaken the protection mechanisms.
The WEF believes that policy-makers need to weigh their decisions taking into account this impact. Strategies must be creative in increasing protection while reducing the complexity of regulation.
To fight cybercrime, a virtual village is required. Even the best companies focused on cybersecurity can be compromised by a professional player.
3. Dependence on other parties
Organizations operate in an ecosystem that is more extensive and less known than many might imagine.
Connected devices are expected to reach 27 billion by 2021 worldwide thanks to such trends as 5G, the Internet of Things and smart systems. In addition, the boom in remote work that began with the pandemic is expected to continue for many people.
Organizations should consider what the breadth of this vulnerability really means, and should take steps to assess the real extent of threats and become resilient to them. An inclusive and cross-collaborative process involving teams from different business units is vital to ensure an acceptable level of visibility and understanding of digital assets.
4. Lack of experience in the field of cybersecurity
Ransomware, the fastest-growing form of malware during the COVID-19 pandemic, has exacerbated this threat.
Preventive measures for ransomware or any other cyberattack should include the following preparations: assuming that you will be attacked, backuping IT resources and data, ensuring continuity of operations in case of computer system failures and training the organization in realistic responses.
Organizations must also recognize that mobility is implicit in today’s technological workforce. It will be important to plan for the expected tenure of experienced professionals and take into account the importance of transferring this specific experience from veterans to newcomers entering the battlefield.
5. The complexity of tracking cybercriminals
Cybercrime brings great benefits and few risks to attackers, as until recently the probability of detecting and prosecuting cybercriminals was estimated to be only 0.05% in the US. In many other countries, this percentage is even lower.
Even if criminal activity is not covered up by methods such as the Darknet tactics, it can be very difficult to prove that a particular subject has committed certain actions.
Cybercrime is a growing business model, as increasingly sophisticated equipment in the Darknet makes malicious services more accessible to anyone who wants to hire cybercriminals.
Policy-makers can help by working with cybercrime experts to establish internationally recognized criteria for attribution, evidence and cooperation in prosecuting and bringing cybercriminals to justice.
Governments and business companies have learned a lot over the past 18 months, and 2021 will be no exception. It is necessary to continue to adapt to and take cyber risks seriously through planning and training. Because this is a universal issue, open communication between corporations, policy-makers and regulators is a crucial key to success.
The full version of the article is available here (in Russian) — https://zavtra.ru/blogs/vef_ob_osnovnih_problemah_kiberbezopasnosti
Translated by Elizaveta O. Ovchinnikova