
Promising Technologies That Will Have a Huge Impact on Cyber Security

Last updated on October 6, 2019

Walking around with a tiny computer, or even a range of tiny computers in our pocket has made so much of the way we live and work more convenient. We have the freedom to take our jobs on the road, to sort out bills when we have a few minutes to kill, to order products that we need for tomorrow.

For every new type of freedom this brings, though, another area of risk is created. Every app or device opens up a part of our lives, or a pool of data to potentially be hacked or exploited.

Cyber security technologies have been racing to catch up with these new threats, with promising results. In this article, we’ll take a look at some of the key trends shaping our security and privacy – and the steps you need to take to protect yourself going forward.

The Cyber Technology to Watch Out For

Here are 5 top cyber technology tools that are shaping the future of security for the better.

1. Deep Learning

Cybersecurity threats evolve and mutate all the time. Staying alert to the sheer volume of potential threats and figuring out when your system is under attack is an arduous job for any IT department. As we talked about here, most hackers are trying to slip in undetected to steal or tamper with as much data as possible for as long as possible – and it can often take months to discover there’s been a breach.

That means that cybersecurity systems need clever, automated, responsive technologies in place to scan network activity continually and spot any unusual activity or anomalous traffic. For that, machine learning techniques have proven to be increasingly useful in recent years.

However, there are some limitations. Machine learning programs are designed to work with big data, but they can’t always cope with oceans of it. There are also challenges for machine learning-based technology when it comes to accurately classifying and detecting specific types of malware. To make matters worse, attackers use a range of complex techniques, including obfuscation, impersonation, compression, and polymorphism to avoid being detected.

This is where deep learning comes in.

Deep learning is a subset of machine learning based on large neural networks. In other words, it mimics the way the brain works. That means linking together nodes of information across huge deposits of data, forming relevant connections, making rational decisions about which types of data are related to one another, and establishing patterns and relationships that actually make sense. It’s hugely complex stuff.

It also means that deep learning is a huge step up from classic machine learning-based approaches, which tend to be rule-based. As such, new technologies built on deep learning are seeing substantial improvements when it comes to detecting malware and network intrusions.

Take the malicious PowerShell scripts used by the Odinaff hacker group a few years ago. These were used to target banks and financial institutions in order to extract data, escalate privileges, evade system defenses and access sensitive information generally.

In these situations, hackers used fileless malware, which downloads malicious scripts directly into system memory and loads them from there. This is really troubling because it gets around most antivirus file scanners, which are looking for actual files that have been downloaded to the hard drive.

What’s more, cyberattackers using PowerShell fileless malware will then obfuscate the code, making it hard for the AV program or a human analyst to work out what the script is trying to do. By making endless, minor variations to the code, they stay just ahead of the AV as it frantically tries to update its core directory of malware and cross-reference this with what it’s finding on the system (more on this later). The fileless malware is adapting so quickly that it’s always one step ahead of the AV, even when this uses machine learning to help it spot malware more effectively.

By upgrading to deep learning techniques, though, researchers were able to move beyond simple rules and develop an algorithm that could collect and analyze PowerShell logs, predicting with 93% accuracy when a script was obfuscated.

In short, with deep learning, you have a system that can spot patterns, and tiny variations and similarities, across masses and masses of data. This helps a top-of-the-range AV system to stay on top of even the most subtle and sophisticated threats.
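To make the PowerShell log analysis above concrete, here is an added Python example (not from the original article or the researchers it mentions) that pulls out a few surface indicators of obfuscation from logged script text. It is a hand-written heuristic of the kind of signal a trained model would learn, not a deep learning model; the indicator names and the sample log lines are constructed for illustration.

```python
import re

# Constructed script-block log entries (benign commands); not real telemetry.
SAMPLE_LOG = [
    "Get-ChildItem -Path C:\\Logs -Filter *.log | Sort-Object LastWriteTime",
    "wR`iTe-hO`sT ('he'+'ll'+'o')",
    "powershell -NoProfile -EncodedCommand "
    "VwByAGkAdABlAC0ASABvAHMAdAAgAGgAZQBsAGwAbwA=",
    "$total = $items.Count + 1; Write-Output \"Processed $total items\"",
]

# A parameter followed by a long base64-looking value.
B64_ARG = re.compile(r"-(\w+)\s+([A-Za-z0-9+/]{24,}={0,2})")


def indicators(script):
    """Return the names of the obfuscation indicators found in one script."""
    found = []
    # PowerShell accepts parameter-name prefixes, so -enc and -EncodedCommand
    # are the same switch; compare the flag against the full name.
    if any("encodedcommand".startswith(flag.lower())
           for flag, _ in B64_ARG.findall(script)):
        found.append("encoded_command")
    # Leave encoded values out of the text checks that follow.
    text = B64_ARG.sub("", script)
    # A backtick inside a word, before a letter that is not one of
    # PowerShell's escape letters, only serves to break string matching.
    if re.search(r"[A-Za-z]`(?![0abefnrtuv])[A-Za-z]", text):
        found.append("tick_in_word")
    # Literal fragments joined at run time, e.g. 'he'+'ll'+'o'.
    if len(re.findall(r"['\"]\s*\+\s*['\"]", text)) >= 2:
        found.append("string_concat")
    # rAnDoM casing: two lower-to-upper flips in a row, which ordinary
    # PascalCase names (Get-ChildItem) do not contain. Ticks are removed
    # first, as the PowerShell parser would do.
    if re.search(r"(?:[a-z][A-Z]){2}", text.replace("`", "")):
        found.append("alternating_case")
    return found


def flag_obfuscated(log_lines):
    """Map line index -> indicators, for lines with at least one hit."""
    hits = {}
    for index, line in enumerate(log_lines):
        found = indicators(line)
        if found:
            hits[index] = found
    return hits


if __name__ == "__main__":
    for index, found in flag_obfuscated(SAMPLE_LOG).items():
        print(index, found)
```

Fixed rules like these are exactly what minor code variations are designed to slip past, which is why the article's point about learning patterns from large volumes of logs matters.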

2. Hardware Authentication

Generally speaking, passwords are a very weak form of security measure. Most people don’t select particularly difficult ones to figure out, or they use the same password for everything, or they keep a copy of their sign-in details somewhere that can be discovered easily.

These issues, as well as a whole host of others, make it far too easy for hackers to get into information systems and access sensitive data. As a result, many companies are looking into alternative, more robust ways to provide security. One increasingly popular method is to try and build the authentication process into the hardware itself.

The concept itself isn’t a new one. Hardware authentication refers to any type of security measure that demands that a specific hardware device is involved in the process of vetting the user.

Sometimes this is achieved using locally stored biometric data. For example, if you use your fingerprint to unlock your phone, that’s a form of hardware authentication – and a similar system is often created by attaching a finger swipe pad to a computer’s USB port via a cable. Optical recognition systems work by scanning the user’s retina using a small camera that connects to the computer and, again, matching this to the user’s eye image stored in the device.

Another approach that’s been around for a while involves USB Security Keys, or security tokens. Similar to the biometric versions, you plug these into the computer, but this time the authentication step is achieved by entering a security key as well as the system password. Plus, of course, you need to have the physical USB device to hand, so it’s much harder for a hacker to spoof.

More recently, companies such as Intel have developed highly sophisticated hardware authenticator devices like the newest iteration of the Core vPro processor. This carves off part of the computer processor, or chipset, for the security stage, removing the need for a separate USB device, and incorporates a number of additional hardware-based elements used to validate the identity of the user.

As well as strengthening the authentication process at the user endpoint, hardware authenticators are increasingly important in a world based around the Internet of Things (IoT).

So many interconnected devices dramatically increase the threat surface (the places a hacker might try to get in), while making it harder to track which devices have the right to connect to a particular network. Insisting on a physically present device in the authentication process helps to keep tabs on this, while making it much harder for a cybercriminal to gain access to a network remotely, taking control of it from afar.

3. User-Behavior Analytics

At some point in time, you will almost certainly have had a call or a message from your bank or credit card company, telling you they’ve blocked a payment because it looked like suspicious activity in your account.

This is triggered by a form of user-behavior analytics (UBA). Basically, something about that payment seemed out of character for you, based on whatever activity profile or algorithm your bank is using as a yardstick to judge your payments by.

A similar approach is now being rolled out for enterprise security. In the past, if someone managed to get through authentication checks, that was it: they were in the system and they could do what they wanted. There was no way to spot that they shouldn’t be there. If a cybercriminal got hold of someone’s username and password, they were into the network and off to the races. No further questions asked.

Cybercriminals tend to follow a specific pattern of behaviors: initial penetration, lateral movement, compromise, theft, and infiltration of data. However, it used to be very difficult for security professionals to detect this progression when a person seemed to be signed in as themselves.

Thanks to the rise of UBA, network operators and defenders no longer have to accept this “once you’re in, you’re in” mentality. Even if someone appears to have gained access to the system using legitimate credentials, the system will flag up if they begin to behave strangely once they get there.

Not only does the system analyze a person’s behavior based on their usual activities, it can also be set up to assess this in comparison to their peers. For example, if one manager starts using or navigating data in the system in a completely different way to everyone else, this may be taken by the system as a sign that someone has taken over their account – or that they are up to something they shouldn’t be doing.
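The two comparisons described above, against a user's own history and against their peers, can be sketched in a few lines of Python. This is an added example, not code from any UBA product: the accounts, roles, daily record counts and both thresholds are constructed assumptions.

```python
from statistics import mean, median, pstdev

# Constructed sample data (not real telemetry): role, then records opened per
# day over the previous five working days, keyed by account name.
HISTORY = {
    "alice": ("manager", [40, 38, 45, 42, 41]),
    "bob":   ("manager", [35, 50, 44, 39, 47]),
    "carol": ("manager", [52, 48, 55, 50, 49]),
    "frank": ("manager", [300, 310, 305, 320, 315]),
    "dave":  ("analyst", [400, 380, 420, 410, 390]),
    "erin":  ("analyst", [100, 110, 105, 95, 100]),
    "heidi": ("analyst", [390, 410, 400, 395, 405]),
}
# Today's counts for the same accounts (also constructed).
TODAY = {"alice": 43, "bob": 460, "carol": 51, "frank": 312,
         "dave": 405, "erin": 380, "heidi": 398}


def self_zscore(past, today):
    """Standard deviations by which today exceeds the user's own mean."""
    spread = max(pstdev(past), 1.0)  # floor so a flat history cannot divide by ~0
    return (today - mean(past)) / spread


def peer_ratio(user, today, history):
    """Today's count relative to the median day of others in the same role."""
    role = history[user][0]
    peer_days = [n for name, (r, days) in history.items()
                 if r == role and name != user for n in days]
    if not peer_days:
        return None  # no peers to compare against
    # The median keeps one unusual peer from shifting the yardstick.
    return today / median(peer_days)


def assess(history, today_counts, z_limit=3.0, peer_limit=3.0):
    """Return {user: reasons} for accounts that look out of character."""
    findings = {}
    for user, count in today_counts.items():
        reasons = []
        if self_zscore(history[user][1], count) > z_limit:
            reasons.append("own_baseline")
        ratio = peer_ratio(user, count, history)
        if ratio is not None and ratio > peer_limit:
            reasons.append("peer_group")
        if reasons:
            findings[user] = reasons
    return findings


if __name__ == "__main__":
    for user, reasons in assess(HISTORY, TODAY).items():
        print(user, reasons)
```

In this data, frank is consistent with his own history and is caught only by the peer comparison, while erin sits within analyst norms and is caught only by her own baseline, which is why the two checks complement each other.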

4. Data Loss Prevention

Did you know that some security apps and tools allow you to lock down your phone remotely, so that no one can use it even if they manage to steal it? Well, a lot of companies and organizations are taking a similar approach to their most precious data. As well as trying to stop people from stealing it, they’re also looking at ways to make the plunder useless if it does get stolen.

Unfortunately, data breaches are on the rise: they’re up by 54% in 2019 alone. There are simply too many factors that contribute to the possibility of a breach, from determined hackers seeking out weaknesses in security technology through to human errors made inside a company.

Rather than focusing exclusively on plugging a leak, many organizations are now thinking carefully about how to encrypt their data effectively, so that even if it’s intercepted, it can’t be read.

By adding additional layers of protection to data right down to the field and subfield level, an organization or enterprise can deter attacks by making it impossible for hackers to use the data they collect for financial gain.

Encryption also means that sensitive data can be secured as it moves from one part of the business to another, contributing to compliance requirements when it comes to protecting people’s personal and payment data.

Advances in data analytics and business intelligence platforms create ways to use this data for its intended purpose while still in its encrypted form, improving security without impacting negatively on day-to-day business processes.

Connected to this is a growing interest in blockchain technology for security. This doesn’t solve the problem of keeping data locked up and safe, since blockchain is all about transparency and public ledgers. However, it plays an important role in preventing fraud, illicit financial transactions, and interference with data. You can find out more about blockchain and security here.

5. Infrastructure-as-a-Service (and in the Cloud)

Until recently, comprehensive security architecture that could defend an entire network or stave off determined hackers meant building and maintaining it yourself. This required a massive upfront investment, tons of on-premise hardware and a team of experts who had to figure out all the issues for themselves, all around the clock.

The advent of Cloud technology saw many of these features shift into the online space. Virtualized firewalls, intrusion detection, and security systems generally began to crop up as lower-cost, less resource-heavy alternatives.

Today, this has evolved still further, to the point where scalable, subscription-based infrastructure-as-a-service solutions are cropping up all over the place. It’s great for organizations and startups that don’t have the in-house budgets to manage their own high-end security, but it’s also great for the customers who trust them with their data.

That’s because centralizing the maintenance of this architecture is far more efficient and means a core team of dedicated experts can zone in on this issue. It also means that this security technology is agile and perpetually updates, so users have access to up-to-date tools and patches to meet the newest cybersecurity threats, without having to upgrade their entire systems.

How to Use Security Technology to Stay Safe As New Tech Advances

While these exciting new technologies are gradually filtering down into the mainstream, it will take time before they’re embedded into consumer products as standard. What’s more, it’s not as if hackers are throwing in the towel – there will always be new types of vulnerabilities to exploit and attacks to fear.

That’s why it’s so important not to get complacent. To stay completely secure, you’ll need to embrace these essential security measures and technologies:

Use a VPN

Virtual Private Networks (VPNs) provide an invaluable layer of security whenever you’re using the internet. A VPN will encrypt your connection from end to end, protecting your online activities from prying eyes. Key security benefits include:

 

  • Improved Security at Work. Organizations and government departments that handle sensitive data or valuable intellectual property tend to have their own VPNs set up to keep their secrets safe.
  • Secure Connections to Public WiFi. When you’re using public WiFi, routing your connection and internet traffic through a VPN prevents others on the network from spying on what you’re doing. Without this, it’s alarmingly easy for people to hack in, capture your passwords or payment data, or contaminate your connection with malware.
  • Private Calls. VOIP (internet calling) services are also scarily easy for hackers to intercept, especially when you’re on public WiFi. Even services like Skype and Facebook Messenger are at risk. To be certain that no one is eavesdropping, get a VPN in place.
  • Researching in Peace. Sometimes, searching for certain types of information is enough to flag you up for suspicious behavior or even get you in hot water with the authorities. Obviously, that’s more of a risk in countries with stricter censorship laws, but even in countries with greater digital freedoms, journalists and researchers can get nervous – especially when communicating with sources, sharing material or looking up sensitive data. A robust VPN means no one can see what you look up on the internet.
  • Staying Anonymous. Whatever your reasons, you may just feel more comfortable knowing that no one – not your ISP, your employer, your government, online advertisers or anyone else – is watching you or tracking what you do. A VPN disguises your IP address and assigns you one from its own servers, meaning you’re anonymous online. You avoid monitoring, interference or censorship, and it’s much harder for anyone out there to work out where in the world you are.

We Recommend: ExpressVPN

A particularly strong choice for an all-round effective VPN is ExpressVPN. This one is very fast and powerful, unblocking just about any kind of content. It’s a popular one for getting around geo-restrictions for HD video streaming sites like Netflix and you can connect to servers in 94 countries around the world. It also works on pretty much any kind of device.

More importantly from a security point of view, ExpressVPN offers DNS leak protection, a stealth mode and a kill switch. This suspends your internet connection if the WiFi connection drops and reconnects, so that your true IP never creeps onto the internet, even for a moment.

The encryption level is excellent, and the privacy policy is watertight – the company doesn’t keep user logs, and is based in the British Virgin Islands, so it has no legal requirement to hand over information about its users to the authorities.

Install Antivirus Software

As an absolute baseline, you should have comprehensive antivirus (AV) software installed on your devices.

This is especially important if you’re using Windows or Android devices. Only a tiny fraction of malware is targeted at Apple products, and Apple’s sandboxing technology does a highly effective job of isolating many of these nasty programs to prevent them from spreading and infecting the wider device or system. That said, these aren’t totally immune; a bunch of Mac-specific viruses and vulnerabilities have been uncovered.

AV refers to any kind of program that you use to detect, remove or block malware from getting into your system. That includes viruses, worms, trojans, ransomware, spyware, file-less malware, and hybrid attacks. Your AV program will do this by cross-referencing any files or programs your computer or mobile device tries to download against a huge, evolving database of known threats.

AV providers update the malware profiles on these lists continually to avoid getting caught out. The very best ones also have built-in strategies to detect viruses and other malware that have only just been created – known as “zero-day threats”.

Among the most pernicious forms of common malware are Trojans, which masquerade as legitimate programs but fill your device with malicious code; Spyware, which lurks in your system, tracking what you do (sometimes also recording you secretly through your webcam or microphone) and reporting it back to the hacker; and Ransomware, which locks up your files and demands a ransom to open them.

Many of today’s nastiest forms of malware blend elements of these different types, creating hybrid attacks. These are sophisticated creations that may start off acting like one type of malware but then switch to behaving like another. These are particularly dangerous because they can confuse lesser AV programs into thinking they’re dealing with a different type of program, or that they’ve successfully removed it, while the malware goes on wreaking havoc.

The primary purpose of AV is to nip attacks like these in the bud or help you to remove any malware that gets through. That said, given the ever more complicated digital security landscape and the fierce competition out there, top-of-the-range AV providers go much further.

These offer complete internet security suites that may comprise device monitoring, buyer protection for online purchases, VPNs, social media protection, performance tune-ups and more. Typically, these additional features only come with paid versions of the software, though.

If you’re looking for dependable AV software that has excellent malware detection rates and works across all operating systems and devices, we recommend McAfee. It’s a paid-only platform, but there are a bunch of pricing tiers to suit all budgets. Additional features range from online transaction protection to advanced parental controls, and the 24/7 support is highly rated.

Update Your Passwords and/or Use a Password Manager

Do you get periodic emails from your IT team at work pestering you to change your passwords? Do you sigh with irritation when a site or app won’t let you use a password that’s too weak, or one that you’ve used before?

Yes, these things can be annoying – but it’s also extremely important that you take this element of security seriously. Just as an experiment, try visiting the site Have I Been Pwned? and typing in your email address. This tells you if your email address has ever been caught up in any known hacks, malware attacks or massive data breaches.

To give you an idea of how common this is, by running a personal search, I could see that an email address I use and the associated password had been leaked in historical data breaches at Dropbox, Kickstarter and an unidentified hack that amassed 772,904,991 individual records, that a ton of my data was exposed through a huge backend MongoDB breach earlier this year at Verifications.io, and that my email address had been swept up by a spambot as a result of undetected malware in 2017.

That’s a lot of breaches for one person. While it’s bad enough that hackers could have interfered with important Dropbox files or downloaded personal information, take a moment to think about what that would mean if I used the same password for everything or never changed it. Can you begin to imagine how many parts of my life a hacker could access using that one leaked password?

If it can happen to me, it can happen to you. Make sure you manually update your password on a regular basis. Even better, use a password manager tool to randomly assign a very strong, unique password that can’t easily be guessed for each one of your accounts. Some tools, including Apple’s built-in password manager, will then autofill these passwords on all your connected devices for you.

Oh, and I shouldn’t need to say this, but… for the love of all that is holy, never, ever make your password “Password”, “P@ssw0rd”, 12345678, etc. These kinds of passwords are far too easy to crack using what’s known as “brute force” attacks, where hackers try out swaths of common combinations and simple passwords in the hope that one will stick. Thankfully a lot of sites won’t let you choose overly easy-to-guess passwords anymore, such as straightforward dictionary words without any numbers or symbols.

Stick to the Official Apps

Always make sure that you download apps and software from official sources. On mobile devices, that means getting them from the App Store or Google Play. On your laptop or computer, try always to download from the company’s actual website.

If anyone ever asks you to download an app, for example, something like WhatsApp or Telegram in order to communicate securely, look this up yourself. Don’t follow any links they’ve sent you, especially if you don’t recognize the sender.

That’s because hackers are getting better and better at “Trojanizing” apps – i.e. creating versions of popular apps that function in exactly the same way, but also operate as malware, secretly sending your information back to the cybercriminal or giving them an inroad to spy on what you do on your device. You may not notice anything unusual, but someone out there is watching everything you do.

It might sound paranoid, but there have been some well-documented cases of this happening at an enormous scale.

Take Operation Manul, which uncovered the activities of a Lebanon-based hacker that the investigating team dubbed “Dark Caracal”, between 2012 and 2017. As Cooper Quintin explains in a fascinating Darknet Diaries podcast episode, this prolific actor appeared to be a “cyber mercenary” who helped governments around the world to implant spyware on the devices of journalists, activists, opposition figures and any other ordinary citizens they wanted to keep tabs on.

It took years to discover the extent of the spying. By then, Dark Caracal had amassed hundreds of gigabytes of highly sensitive data from thousands of victims, across 21 countries in Europe, North America, Asia and the Middle East.

Obviously this is an extreme case, but it shows just how serious a breach can be if a determined hacker manages to implant malware on your device. Encrypted messaging apps help to protect your privacy, but don’t take any risks when it comes to what you choose to install – and from where.

Conclusion: Stay Vigilant

It’s important to remember that you can have the most state-of-the-art technologies at your fingertips… but they only work if you actually use them!

If you switch off your AV because you don’t want to wait a few extra seconds for a complete malware scan, you’re not getting the benefit of the program. If you decide not to bother with your VPN because the public WiFi is already slow enough, you’re putting your system at risk. You could have the most impressive hardware authenticator devices on the planet, but if you don’t set them up properly, or you don’t keep them safe, someone will find a way to interfere with them.

There’s no substitute for taking security seriously. Be careful with your data, passwords and security technology – and always be on the lookout for anything that seems amiss.
