The Future Of Cyber Attack & Defence Systems

Sandeep is an Indian Navy veteran with 20+ years of experience on diverse Naval platforms, and he is responsible for steering the information security program consisting of Security Governance, Security Architecture, Engineering & Operations and Identity & Access Management.

‘Every business is a software business’ – this quote by Watts S. Humphrey, reinforced by Microsoft’s CEO, Satya Nadella, highlights the significance of online businesses and how they complement their brick-and-mortar counterparts. However, considering the current challenges, the statement needs to be slightly modified to include the security aspect. Hence, it makes sense to say – ‘Every business needs to be a ‘secure’ software business’. Now the question would be: What value does the word ‘secure’ bring to the table? Instead of dwelling on recent incidents of breaches, security must be considered a business enabler. It serves as a guardrail to ensure that the business is always available across all channels, bereft of malicious components. But organizations are at constant risk from entities attacking systems and undermining their defense mechanisms. These mechanisms can be based on technology, processes or people. A victory against such adversaries may be fleeting, but a security compromise can significantly, and permanently, impact a company’s reputation or profit margins. Therefore, businesses must be future-ready to tackle security challenges.

What the Future of Cyber Security Holds
An amalgamation of key trends will define the future landscape of cyber-defense systems. Let’s look at some of these:

The Cloud Arena
Although each cloud tenant has its security arsenal, businesses need a dedicated and skilled workforce to tackle security challenges. For example, they will have to modify their processes to leverage benefits offered by the cloud, such as flexibility and agility. Adversaries might use the cloud to set up a legitimate-looking business and win the trust of scanners over time, avoiding detection or gaining reputation credits. This infrastructure can then be used as a launch pad for multidimensional attacks. Intruders can leverage the cloud to launch undetectable command and control servers spread across multiple geographical locations to collect data post successful infestations of a business network.

Automation Everywhere
To meet the consistent patching infrastructure requirements within the defined SLAs, businesses will need to deploy immutable infrastructure wherever feasible. They will also require an end-to-end automation process for updating applications or microservices. Adversaries can use automation to profile servers, applications, network devices and components in the tech stack via sophisticated tools to launch security attacks. Hence, businesses need to be ready to tackle these risks.

IoT Challenge
Notwithstanding the advantages and value that IoT devices add to a business, they provide a ripe opportunity for launching cyber attacks. This is due to factors like the use of legacy technology, upgrade challenges and inadequate default settings. Businesses must consider these as high-risk assets and deploy a robust security envelope around them to make sure that adequate segmentation is maintained between such high-risk assets and the corporate network. An adversary would continue to look for opportunities using capabilities like analytics, automation, and more to explore vulnerabilities.

Human Element
The Cambridge Analytica case is a good reference for adversaries to profile human behavior based on innocuous-looking surveys. This can be further strengthened by correlating data from other social media sources to identify a specific exploitable trait that would be amenable to manipulation. Better-worded and genuine-sounding spear-phishing campaigns customized with business-specific jargon would be a norm in the foreseeable future. Businesses will have to track such trends and launch relentless counter campaigns to make their employees aware. Tools tailored to catch fraudulent messaging and ‘knowledge sharing’ must be integrated into the corporate communication ecosystem.

Managed Security Services
Since incorporating cyber security controls is an expensive proposition, small and medium-size businesses would rely on third parties to manage this facet for them. The future might witness a rise of attack services available at competing costs to anyone willing to pay the price. A market for this already exists on the dark web, which will mature with time.

Supply Chain Management
Both attack and defence entities would continue to adopt a shift-left policy to explore points of compromise in the software as well as the hardware supply chain. The advent of 5G will open up newer attack vectors, as legacy or incompatible software and hardware in the infrastructure chain will introduce bottlenecks as well as a fresh landscape for adversaries to test their skills. Blockchain technology needs to be leveraged by businesses to establish trust and traceability.

Artificial Intelligence & Machine Learning
As conversational bots improve with time, adding value to businesses in customer support, optimizing operations and processes, and collecting instant feedback will become necessary. These will integrate technologies like deep fakes, voice cloning and user profiling to create situations to either solve a customer’s need or ferret out information for exploitation.

Asymmetric Threats
The use of drone technology to disrupt businesses in the form of jamming Wi-Fi or satellite signals and intentionally damaging infrastructure may become a reality as customization to a specific need becomes abstracted from underlying complexities.

Specialized Skillset
The demand for a specialized skillset for ‘building in’ security rather than ‘bolting it on’ will increase. Businesses must invest in cyber security-trained human resources to safeguard their existence by hiring security architects, engineers trained in offensive and defensive capabilities, and experts capable of implementing a mature risk-based governance framework. In the case of adversaries, the focus would be to create plug-and-play attack tools and products that anyone willing to pay the price can easily use.

Bracing for the Future
The U.S. recently instructed all its federal agencies and suppliers to modernize their security infrastructure and implement a Zero Trust Architecture. This is a cue for all businesses to consider adopting a secure framework in their business models. The same must be complemented with an improvement in the process workflow in which the human element will be equally important. Hence, the level of coupling between the triad of people, processes and technology marks the difference between success and a breach.