It is difficult to prevent all breaches in today's cyber-security landscape. Today's cyber attackers are well-funded, intelligent, and patient, and they tend to target flaws in processes, people, and technology. At the same time, corporations rely heavily on digitized information and on sharing massive volumes of data around the globe. These tendencies have made organizations easier targets for a wide range of threats, which means that each enterprise's daily data, operations, and intellectual property are all extremely vulnerable. That is why it is critical to implement cyber-security measures. After all, a cyber-attack does not only damage the organization's reputation and brand; it may also lead to loss of competitive advantage, create regulatory or legal noncompliance, and cause substantial financial damage (EY 2014, p.1).
Cyber-security threats
To comprehend precisely how technology becomes a target of cybercrime, it is essential to understand the types of threats and the way they exploit technological systems. Many people ask why technology is vulnerable at all, and the simple answer is trust. The protocols that drive the Internet were not designed for a future that included exploitation. At its establishment there was little expectation that there would one day be a need to mitigate attacks such as distributed denial of service (DDoS).
Cybercrime takes various forms, ranging from denial-of-service attacks on websites all the way to blackmail, theft, manipulation, extortion, and destruction. The tools used are varied and may include ransomware, malware, social engineering, and spyware, as well as alterations of physical devices such as ATM skimmers. Thus, it is not a surprise that the scope of possible attacks is broad, a problem increased by what is commonly referred to as the attack surface, which is the extent of vulnerability that software and hardware present. For instance, if an exploit targets Apple iPhones and all the employees in a company possess one, then the attack surface will be determined by the number of workers in that business. Additionally, software and hardware offer a wide array of vectors for attacks. For instance, an iPhone may have a range of vulnerabilities that can be exploited and used together to hack the device (ACS 2016, p.14).
The embedded systems that power infrastructure, including electricity, transport, and communications, are also targets for cyber-attacks. Here, threats tend to be targeted, and the impacts are considered even more dangerous. For instance, turning off an electrical grid can lead to a life-threatening outcome (ACS 2016, p.15). A vital point to note is that an attack can be regarded as targeted if it meets the criteria of scope, persistence, and level of effort. Scope means that instead of attempting to victimize as many people as they can, attackers concentrate on a particular organization or on a group of companies in a specific industry. The attack scope may be reduced further to individual employees in a firm (O'Leary, Grahn, & Poarch, 2017).
Persistence, on the other hand, means that attackers prioritize planned and coordinated activities that lead to the achievement of specific goals, instead of racing through an attack with the idea of outpacing the cyber-security efforts put in place. Staying undetected is a significant priority, so a slow-and-low approach is mostly used. Lastly, the level of effort means that the cyber attackers spend substantial resources, time, and attempts performing the attack. Moreover, targeted threats are mostly unearthed long after the breach, when confidential customer, security, and corporate data have already been stolen. Therefore, they are not only an IT security issue but also a business challenge that may devastatingly affect an organization's brand reputation, financial performance, and customer loyalty (O'Leary, Grahn, & Poarch, 2017).
The Internet of Things (IoT)
IoT encompasses the many and varied devices that are on sale today, or that will soon be on the market, and that are connected to the internet and remain on it full-time. Typically, they include products such as smart TVs and webcams. Such an environment increases the cyberspace that can be attacked, and the situation will get even worse as everything is soon hooked to the internet for easier sharing of information and communication. The increased connectivity of products is risky because of botnet armies. A bot (also referred to as a 'zombie') is an internet-connected computing device that has been compromised and is controlled remotely, unknown to its owner. Moreover, most of these gadgets are designed with only minimal security that attackers can easily bypass, enabling them to install malware and remotely control the device (ACS 2016, p.23).
Autonomous systems
As technology goes on permeating our lives, we move from operating technology to integrating with it. Autonomous systems are designed to blend with society; hence, they become second nature. However, relying on these systems makes the outcome of their abuse devastating. Additionally, these technologies are integrated into critical infrastructure, such as payment systems and autonomous cars in the transport network (NAP 2007, p.43). Hence, to avoid the adverse effects of cyber-attacks, cyber-security should be focused on safeguarding them.
At present, driverless cars are taking the limelight from other autonomous systems. There may not be any documented case of the willful misuse of driverless vehicles, but hacking has been witnessed in which autonomous cars were controlled remotely. Therefore, to secure individuals using the transport sector, improved security is essential. Further, credit cards have been targeted by fraudsters, spurring the creation of RFID chips and additional safeguarding technology in the banking ecosystem. However, security is an arms race, and threats such as skimming are currently a universal phenomenon that makes it possible for card data to be read and wirelessly transmitted in real time from ATMs and point of sale (POS) devices. Moreover, POS systems are an entire sub-category of cybercrime infiltration and are the weakest point in payment processing. Therefore, it is not surprising to find malware specifically designed to retrieve data from the embedded systems in POS devices (ACS 2016, p.25).
External and internal factors that lead to a successful breach
The key elements that contribute to the success of targeted attacks on IT technologies can be reduced to five major factors. The first is a lack of prevention capabilities combined with an over-optimistic view of today's perimeter security. The second is low employee awareness of information security risks. The third is a lack of visibility into the IT environment, especially network routing. The fourth is outdated and proprietary operating systems and software. The last is the lack of a security team qualified in digital forensics, malware research, threat intelligence, and incident response (Kaspersky 2017, p.1).
Recommendations
Cyberspace security should be a team effort if the targeted capabilities are going to be successfully safeguarded. Specifically, it is through the formation of partnerships that interagency coordination and information sharing are made possible. Information sharing is critical because it informs all the relevant parties about potential or malicious cyber activities. Further, partners can also share detailed insights on the lessons learned and the best practices of cyber-security. Secondly, the government should build bridges to the private sector, given that the private sector develops the IoT products that eventually become targets for cyber threats. Hence, it is vital for the State's cyber-security branch to work closely with the private sector to commercialize and validate new cyber-security ideas for the Department (DoD 2015, p.3).
Thirdly, if organizations are going to combat cyber-attacks successfully, they ought to move from a perimeter-based mentality to an active, comprehensive approach that concentrates on several layers of analytics, defense, and incident response. Also, organizations should outline the critical elements of a defense strategy, which include a clear understanding of what needs protection, security posture analysis, data classification, training and security awareness, enhanced detection capabilities, and proactive incident response plans (O'Leary, Grahn, & Poarch, 2017).
Conclusion
Cybercrimes have become a significant concern at both the individual and the organizational level. From the above arguments, it is clear that more technological innovation increases exposure to cyberspace attacks. The new innovations come with basic security measures that can easily be bypassed by determined cybercriminals. Moreover, the lack of awareness of security risks among most internet users increases their chances of being compromised. In this regard, cyber-security should be designed not only to combat attacks but also to safeguard the targeted hardware and software from potential attacks.
References
ACS. (2016). Cybersecurity: Threats, Challenges, and Opportunities. Sydney: ACS.
DoD. (2015). The Department of Defense Cyber Strategy. Washington, DC: The Department of Defense.
EY. (2014). Cyber threat intelligence - how to get ahead of cybercrime. Ernst & Young Global Limited.
Kaspersky. (2017). Advanced Threat Defense and Targeted Attack Risk Mitigation. Retrieved January 4, 2018, from https://media.kaspersky.com/en/business-security/enterprise/kl_kata_whitepaper_og.pdf
NAP. (2007). Chapter 5: Cyberterrorism and Security Measures. In NAP, Science and Technology to Counter Terrorism: Proceedings of an Indo-U.S. Workshop (pp. 43-54). Washington, DC: National Academy of Sciences.
O'Leary, D., Grahn, A., & Poarch, D. (2017, June 26). How to Successfully Combat Targeted Cyber Attacks. Retrieved January 3, 2018, from http://focus.forsythe.com/articles/268/Combating-Advanced-Persistent-Threats