Digital Threats

How attackers upped their game to fit the Cyberspace

Cyberspace is a digital picture of our physical world, a kind of mirror of it. We populate, reside, and engage with others in cyberspace. Here, we form deep social and business collaborations. It teems with commerce, agreements, and contracts, as well as conflicts and irresponsibility. Our economy is fully dependent on this kind of technology, and it became pretty important in our daily life. It is growing, developing, and changing. We are attached to it, we talk about it, and we remember events that occurred in it.

The Dark Side

We also presented the dark side of cyberspace along with all the good. Cyber-crime covers everything you'd expect to find in the physical world, such as theft, vandalism, voyeurism, extortion, stalking, con games, and fraud. People used to rob physical banks; today they rob digital ones. We are dealing with the same issues as before: attacks on individuals and systems, such as privacy invasions, as well as attacks against electronic systems.

The attacks seem different in this environment than in real world: instead of using lock-picks and crowbars, adversaries modify digital connections and database entries, and they target information systems and smart grids rather than physical structures and places, but the goals remain the same.

Money is in the Wire

The value of online companies is increasing year after year. This makes cyberspace increasingly appealing. Furthermore, money is no longer stored in banks, but rather circulates across computer networks. Every day, the world's banks exchange billions of dollars by merely changing numbers in digital systems. Criminals are always chasing money, and in these systems, there is plenty of it. The Internet has proven to be a fruitful ground for cyber-crime.

Something Changed

The dangers appear to be familiar and have similar objectives like in real world, yet the digital world has brought new characteristics. These elements make it more difficult to catch adversaries, make threats more prominent and common, and have more severe and global implications. Bruce Schneier mentions three of these in his book:

  • Automation: Attacks can be simple and profitable thanks to automation. Computers are increasingly being used to do repetitive tasks and cross-reference information. Attacks that were previously undetectable in the physical world can swiftly escalate into major concerns. There's the so-called "salami assault," which is an attack against a system that consists of many little activities (such as taking modest sums of money from multiple bank accounts) and is thus difficult to detect. This is an excellent example of something that could not have been accomplished without the use of computers and automation.
  • Action-at-a-distance: The Internet is a worldwide medium, and an intruder could be anywhere. They can commit digital crimes from afar and with a great degree of anonymity. This means that the attackers do not need to be near their victims. Because every computer on the Internet is connected to each other, we have be concerned about all of the world's cyber-criminals. The Internet's worldwide nature also complicates investigations and prosecutions.
  • Technique Propagation: The internet makes it easy for digital crime techniques and harmful software to spread quickly around the world. Only the first attacker needs to be good at what he does, and everyone else can use the software he made. Computer viruses, malicious software, and hacking tools can be downloaded from dozens of websites. These programs can break into computers, shut down servers, bypass copy protection, or use browser bugs to steal data from users' computers.

So, in essence, we can be as far away from the site we are attacking as we want to be. We don't need any expertise, only a software application obtained from some obscure website, and we don't even have to put ourselves in danger.

Complexity - More Opportunities, More Threats

Another aspect that is becoming more associated with digital systems is complexity. The ongoing desire for additional features in both hardware and software complicates the challenge of security design. Today's computing environments can be extremely complex, with several entry points to manage and administer. Unfortunately, complex systems are always going to be error-prone, and some of those flaws will introduce vulnerabilities that can be exploited. With a complicated architecture, an attacker has many more opportunities to uncover small weaknesses to exploit that may be difficult to detect ahead of time. So the idea is that the more complicated the system, the more likely it has exploitable weaknesses.

Conclusion

By bringing all of these aspects together, we get an increasingly fertile ground for hacking and a never-ending supply of challenges for security professionals to help protect all that’s valuable to us online, too.

References