In the world of cybersecurity, perhaps one fact is always certain: breaches will keep occurring, and their frequency and intensity will increase over time. This is the inevitable constant in an industry that cost an estimated $8.4 trillion globally over the past year, 2022, without being able to deter hackers, who are always developing their methods of committing electronic crimes (1).

In the annual report issued by the World Economic Forum at Davos 2023, held last January, 91% of business leaders and specialists in the cyber sector expected a large-scale, catastrophic cybersecurity event to be possible during the next two years, due to the geopolitical instability resulting from the Russia-Ukraine war and the trade disputes between America and China. It is an expectation based on the events, breaches, and security disasters of the recent past (2).

The year 2022 witnessed huge hacking operations with varied objectives. Perhaps the most important were the Russian government's breaches targeting Ukraine and further ransomware attacks against hospitals and universities in the United States, from which even some countries' governments were not spared. In addition, there were huge breaches of giant technology companies such as Microsoft, NVIDIA, Uber, and Rockstar Games. All were very expensive hacks, both in terms of money and in terms of data, which has become the new treasure of our modern world.

Electronic attacks on countries

Ukraine has been the highlight of the cybersecurity field over the past year, as the industry turned its attention to the embattled country, which has suffered several cyberattacks at the hands of hacker groups working for Russia, either directly or indirectly.

For example, Russian hackers launched about 6 data-erasing attacks (wiper malware) against multiple Ukrainian targets, using malicious software designed with one goal: to completely destroy data.

The goal of all these cyberattacks was to support Russian military operations on the ground.

One of the first and largest of these attacks targeted Viasat, an American satellite communications company whose service is used by the Ukrainian military and civilians. Known as "AcidRain", the attack targeted the company's modems and caused huge communications losses at the beginning of the war. The damage did not stop at Ukraine, however: the attack cut off communications for citizens using satellite Internet connections in most parts of the European continent (3).

Going beyond Ukraine, the Costa Rican government declared a state of emergency last April after it fell prey to ransomware attacks. The attacks paralyzed many sensitive government agencies and services.

This plunged the government into chaos and confusion: tax payment systems and health care systems were affected, international trade stopped, and the state lost millions of dollars, to the point that workers in the affected institutions resorted to pen and paper to complete their work (4).

The government's declaration of a state of emergency over this attack was the first time a government had responded to a cyberattack in this way.

This attack was carried out by the criminal gang "Conti", whose name has been associated with Russia (it is believed to be run by a group of Russian hackers and has previously announced its support for the Russian government) and which is known for targeting its victims with ransomware. The gang demanded that the government of Costa Rica pay 20 million dollars in exchange for recovering its data, but the government refused to pay, declaring a state of emergency and war against the criminal gang.

Giant tech companies are in danger


Moving from governments to breaches of giant technology companies, perhaps the most famous incident of the past year was an 18-year-old teenager hacking into Uber's systems.

In mid-September, the company's employees were surprised by a message on their internal communication application, Slack, from a person claiming to be a "hacker" and to have taken over the company's data.

The hacker relied on social engineering attacks, which are used to identify people working in the company's security field in order to use them as a gateway into the company (5).

When the individual breached Uber, they sent a slack notification to everyone informing them the company had been breached.

Employees thought it was a joke.

Photo via @ColtonSeal pic.twitter.com/tTTdPCTdV4

— vx-underground (@vxunderground) September 16, 2022

Within hours of the breach, several security researchers shared screenshots of the hack on Twitter, which indicated that Uber's internal systems may have been compromised so badly that the hacker accessed the company's internal financial data.

It was clear that the hacker had not gotten to anything, perhaps because he lacked the time rather than because of the strength of the company's security defenses or the complexity of its data protection systems.

A few days later, another massive security breach came to light, this time at the famous game company Rockstar Games. The hacker stole the source code of the company's most famous game, "GTA 5", and of the latest, not yet released version, "GTA 6", and leaked several videos of the new game, claiming to be the same hacker who carried out the attack on Uber. This time, however, the hacker seemed more interested in extorting money from the company than in publishing the data he had seized (6).

Prior to that, in February of last year, 2022, a hacker group called "LAPSUS$" claimed that it had succeeded in penetrating Nvidia's servers and stealing about 1 terabyte of the company's data, including the data of more than 70,000 employees.

"LAPSUS$" demanded at the time that the company remove a feature in its graphics cards that limits cryptocurrency mining, and threatened to leak the stolen data if the company did not meet its demands (7). A month later, Microsoft announced that it had been hacked by the same group, but the company stated that the hackers' access was limited and did not include any customer data (8).

Frighteningly fast development


Threats and cyberattacks are evolving faster than ever. Cybercrime is no longer confined to that lone "hacker" hiding in a mysterious place; it has turned into organized crime whose targets are not ordinary people but something much larger.

Today, the cybercrime economy is one of the largest economies in the world. A report by "Cybersecurity Ventures" predicts that the costs of global cybercrime damages will grow by 15% annually over the next few years, to reach about $10.5 trillion annually by 2025, after reaching $3 trillion in 2015 (9).

With this, cybercrime has become very profitable for hacking groups and hackers globally, who must constantly search for new methods to get at this huge sum of money.

Hackers are now using more advanced technologies, relying on artificial intelligence, machine learning, and automation.

Over the past few years, reliance on these technologies has increased, through the use of bots and automation tools to spread malware. Their availability and ease of use have lowered the skill barrier required to enter the world of cybercrime, to the point where a teenager can hack a major technology company the size of Uber. The availability of tools such as the new chatbot "ChatGPT" will make things easier still.

This is not just a prediction; it has actually happened. Hackers found a way to bypass the software restrictions imposed on the ChatGPT chatbot so that, relying on artificial intelligence, they could develop and improve malware code or fraudulent emails. The cybersecurity company Check Point discovered that hackers used "ChatGPT" to develop a version of the code of a piece of malware from 2019 known as "InfoStealer" (10).

The risks surrounding us increase as companies collect more and more data about us, perhaps everything from financial transactions to electricity consumption to what we see on social media, in order to understand our purchasing behavior, learn how it can be influenced, and predict more effectively what we need.

All this is in addition to the development of the basic operating systems for smartphones, the trend towards remote work, and other changes in the past few years, which have made the data industry an integral part of our lives, and increased the risks associated with the leakage of this data.

Meanwhile, countries increasingly rely on groups of hackers to achieve their goals, as in the case of Russia and others, a dangerous trend with negative long-term effects. On the one hand, governments have a wealth of resources and talent that hackers can take advantage of to carry out sophisticated cyberattacks on the enemies of the state. On the other hand, hacker groups are certainly driven by one motive, making more money; they do not care much about politics or geopolitical situations, and so they will often be fully willing to sell their skills to the highest bidder.

The combination of these factors makes it very likely that we will see more and more sophisticated cybercrimes in the future, and this is what prompted business leaders at the World Economic Forum to predict a cyber disaster during the next two years. But the question remains: will major companies and their cybersecurity departments stand by, hands folded, in the face of these challenges?

Proposed solutions


In the field of cybersecurity, the hacker has an important structural advantage: he only needs to find one exploitable vulnerability in the security wall of a company, an organization, or even a person. His task is therefore much easier than that of the defender, who needs to close many loopholes. The hacker is also often able to adapt and change his style faster than companies and cybersecurity teams can absorb. This does not mean, however, that companies and even individuals should stand by without reacting.

There are solutions already proposed in an attempt to mitigate the risks and impact of future electronic threats. The first is the "zero trust security model", which, as its name indicates, means that we do not assume trust in anything or anyone, and that we verify the reliability of each device, user, service, or anything else before granting it access to data. That reliability must also be re-checked frequently to ensure that none of these things has been compromised during use (11).

Everyone should be given access only to the data resources they need, to reduce the impact of any breach of the trust they have gained. This principle can reduce the frequency of cybersecurity incidents and mitigate their severity for companies. Even the average user can apply it: when you use any device, application or website, do not give anyone access to your data easily or in blind faith.
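The two zero-trust ideas described above (verify and re-check every user and device, and grant only the access that is needed) can be shown as a per-request decision function. This is an added example, not code from the article or from any product; the 15-minute re-check interval, the policy table and all names in it are assumptions made for illustration.

```javascript
// Added illustration: a per-request zero-trust access decision.
const MAX_VERIFICATION_AGE_MS = 15 * 60 * 1000; // assumed re-check interval

// Constructed policy: each identity is granted only what it needs.
const GRANTS = new Map([
  ['alice', new Map([['payroll-db', new Set(['read'])]])],
  ['backup-svc', new Map([['backup-store', new Set(['read', 'write'])]])],
]);

// A verification only counts if it happened recently enough.
function isFresh(verifiedAt, now) {
  return Number.isFinite(verifiedAt) && verifiedAt <= now &&
    now - verifiedAt <= MAX_VERIFICATION_AGE_MS;
}

// Nothing is trusted by default: every check runs on every request.
function decide(request, now) {
  const { subject, device, resource, action } = request;
  if (!subject || !isFresh(subject.verifiedAt, now)) {
    return { allow: false, reason: 'reverify-identity' };
  }
  if (!device || device.healthy !== true || !isFresh(device.checkedAt, now)) {
    return { allow: false, reason: 'recheck-device' };
  }
  const actions = GRANTS.get(subject.id)?.get(resource);
  if (!actions || !actions.has(action)) {
    return { allow: false, reason: 'not-granted' };
  }
  return { allow: true, reason: 'ok' };
}

// Constructed requests, all evaluated at the same instant.
function zeroTrustDemo() {
  const now = 1700000000000;
  const min = 60 * 1000;
  const user = (id, ageMin) => ({ id, verifiedAt: now - ageMin * min });
  const laptop = (healthy, ageMin) => ({ healthy, checkedAt: now - ageMin * min });
  const ask = (subject, device, resource, action) =>
    decide({ subject, device, resource, action }, now).reason;
  return [
    ask(user('alice', 1), laptop(true, 2), 'payroll-db', 'read'),
    ask(user('alice', 1), laptop(true, 2), 'payroll-db', 'write'),
    ask(user('alice', 20), laptop(true, 2), 'payroll-db', 'read'),
    ask(user('alice', 1), laptop(false, 2), 'payroll-db', 'read'),
    ask(user('backup-svc', 1), laptop(true, 2), 'payroll-db', 'read'),
  ];
}
```

The same user is allowed, refused a write she was never granted, sent back to re-verify after 20 minutes, and refused from an unhealthy device, while a service account is refused a resource outside its own grants.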

As hackers do, cybersecurity teams can also take advantage of the capabilities of artificial intelligence to counter electronic attacks, and thus they will need to constantly develop themselves as hacker groups do. For example, these techniques can be used to detect abnormal patterns, discover defects and vulnerabilities in various systems, and ensure that they are fixed.


The move by tech companies to get rid of passwords entirely and replace them with a passkey can help as well.

In May of last year, Apple, Google and Microsoft announced that they would coordinate efforts to make passwordless logins more accessible across all of their platforms, via a new standard known as FIDO. This type of authentication is already used by some websites and applications, but its adoption by large companies means that it will spread and be used in safer ways (12).

Using a passkey allows a person to access their account by agreeing to sign in on an external device, in a manner similar to multi-factor authentication, but without the need for a password.

For example, when a person logs into their account using this key, a message is sent to an additional device they own, such as their smartphone, that allows them to approve the login by entering a personal identification number, or using biometric registration, such as a fingerprint or face print.

The link between the key on the system that the user logs into and their private key on the personal machine allows the system to verify that only the person logging into the account owns that private key.

This method is definitely safer, because access to the key becomes more difficult: the hacker would need access to both the public key in the application and the private key on the user's device to be able to enter the account. Forgotten passwords, and the human errors that come with them, will come to an end.
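The login flow described above can be sketched as a challenge-response exchange between a service and the user's device. This is an added example, not code from the article or from the FIDO specifications: it uses Node's built-in Ed25519 signatures as a stand-in for a real authenticator, and the function names and the in-memory account store are assumptions.

```javascript
// Added illustration: a simplified passkey-style challenge-response login.
const crypto = require('node:crypto');

// Registration: the key pair is created on the user's device. Only the
// public key is handed to the service; the private key never leaves.
function registerPasskey(serviceDb, username) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  serviceDb.set(username, { publicKey, pendingChallenge: null });
  return { privateKey };
}

// Service: issue a fresh random challenge for this login attempt.
function startLogin(serviceDb, username) {
  const account = serviceDb.get(username);
  if (!account) throw new Error('unknown account');
  account.pendingChallenge = crypto.randomBytes(32);
  return account.pendingChallenge;
}

// Device: sign the challenge only after local approval (PIN or biometric).
function approveOnDevice(device, challenge, userApproved) {
  return userApproved ? crypto.sign(null, challenge, device.privateKey) : null;
}

// Service: verify with the stored public key; each challenge is single-use.
function finishLogin(serviceDb, username, signature) {
  const account = serviceDb.get(username);
  if (!account || !account.pendingChallenge || !signature) return false;
  const challenge = account.pendingChallenge;
  account.pendingChallenge = null;
  return crypto.verify(null, challenge, account.publicKey, signature);
}

// Constructed scenario: one valid login and three that must be rejected.
function passkeyDemo() {
  const db = new Map();
  const phone = registerPasskey(db, 'alice');
  const firstSig = approveOnDevice(phone, startLogin(db, 'alice'), true);
  const valid = finishLogin(db, 'alice', firstSig);
  startLogin(db, 'alice');
  const replayed = finishLogin(db, 'alice', firstSig); // old signature, new challenge
  const otherDevice = { privateKey: crypto.generateKeyPairSync('ed25519').privateKey };
  const wrongKey = finishLogin(db, 'alice', approveOnDevice(otherDevice, startLogin(db, 'alice'), true));
  const declined = finishLogin(db, 'alice', approveOnDevice(phone, startLogin(db, 'alice'), false));
  return { valid, replayed, wrongKey, declined };
}
```

Because the service stores no shared secret, there is no password to steal from its database, and a captured response cannot be reused against a later challenge.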

In the end, it is not possible to confirm or deny what will happen in the future to our data and electronic security. What can be confirmed is that companies, governments and people must pay great attention to protecting that data, as cyberattacks become fiercer, costlier and more harmful day after day.

_____________________________________________________

Sources:

  1. Estimated cost of cybercrime worldwide
  2. Global Cybersecurity Outlook 2023
  3. A Mysterious Satellite Hack Has Victims Far Beyond Ukraine
  4. How Conti ransomware group crippled Costa Rica — then fell apart
  5. Uber's biggest breakthrough.. How did a teenager manage to control a multi-billion dollar company?
  6. Grand Theft Auto 6 leak: who hacked Rockstar and what was stolen?
  7. As Nvidia hacker deadline looms, 71,000 employee accounts have reportedly been exposed
  8. Microsoft confirms it was breached by a hacker group
  9. 2022 Official Cybercrime Report
  10. Cybercriminals Bypass ChatGPT Restrictions to Generate Malicious Content
  11. Embrace proactive security with Zero Trust
  12. Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard