Internet under attack

Written by Sudhir Chowdhary | Updated: Aug 12 2013, 18:07pm hrs
Two decades ago, it began with basic threats like worms and viruses, or kids in high school trying to compete to see how many email accounts they could hack. These days, individuals and businesses, of all sizes, are increasingly struggling to defend themselves from the explosive growth in security threats and cyberattacks. Attackers continue to strengthen and evolve the techniques and tools they use to assault privacy, bank accounts, mobile devices and businesses.

The internet is fraught with all kinds of dangers for your mobile phone, laptop or tablet, as well as for your personal information. Earlier this month, renowned industrialist Nikhil Nanda, who is also Escorts Group's joint managing director, became the latest victim of internet crime when some UK-based cyber criminals cheated him into divulging his email password, and then sent out mails to his contacts seeking a money transfer for a relative's operation in Manchester.

Even otherwise, July 2013 was a busy month for security breaches: it was reported that Club Nintendo had been breached, with the personal data of up to four million stolen by attackers; the forums of Ubuntu were hacked, with the loss of 1.82 million user names, passwords and email addresses. Additionally, Apple announced that an unknown amount of personal data had been stolen from its developer website.

The crux of the matter is that the internet at large is under threat. The global dependence on technology, and specifically the internet, has grown manifold over the last two decades. As a result, there has been a flurry of dangerous attacks, planned and executed with the intent of crippling global organisations through the internet.

Few are aware, but it has been 25 years since the discovery of the first computer worm which spread through the internet. Famously named the Morris worm after its creator, Robert Tappan Morris, a student from Cornell University, it was supposedly an attempt to measure the scope of the internet. But when unleashed, it managed to infect close to 6,000 computers as collateral damage. The code contained a bug that allowed the worm to infect a single machine multiple times and spread to other computers through the internet. And this was just the beginning!

In 1999, the Melissa Virus affected about 20% of computers worldwide. Email servers around the world were forced to shut down in order to prevent the virus from spreading, as well as to remove the virus from their systems. In 2004, the MyDoom worm slowed down global internet access by 10%, and caused website access to be reduced by 50%. This led to a cumulative loss of a mammoth $38 billion worldwide.

In March this year, the largest cyber attack in history, called a Distributed Denial of Service (DDoS) attack, was directed against Spamhaus, a firm engaged in the business of identifying sources of spam emails and blacklisting them. A DDoS attack involves thousands of computers around the world (infected previously via viruses) sending bogus traffic to a single website in the hope of overloading its servers. While the attackers could not disable CloudFlare, software used by Spamhaus to deflect the increased traffic, they went after the networks that CloudFlare connected to and began to attack the computer servers that provide this network's foundation. The attackers went after the London, Amsterdam, Frankfurt and Hong Kong internet exchanges, which route regional internet traffic and are also used by sites like Google, Facebook and Yahoo. While the attackers were unable to stall the internet completely, they slowed the internet down considerably.

This chronology shows a massive transformation, highlighting the increasing magnitude of threats which are ready to plague the next-generation workplace, each more serious than before. The proliferation of internet usage has led to the evolution of cyber attacks, with each one being highly sophisticated and pervasive in nature, says Srinivasa Boggaram, sales engineer team lead, India, McAfee. McAfee Labs record more than 100,000 new malware samples every day. Today cyberattacks have turned from an act of personal challenge and notoriety to that of being commercially viable and highly targeted in nature.

Attackers continue to strengthen and evolve the techniques and tools they use to assault privacy, bank accounts, mobile devices, businesses, and organisations.

According to Diwakar Dayal, head, security business, Borderless Networks (sales), Cisco India & Saarc, the internet by nature is an extremely dynamic environment in terms of both topology and design, which makes it that much more vulnerable (a weakness that a person can exploit to accomplish something that is not authorised or intended as legitimate use of a network or system) to exploits.

Two decades back, it began with basic threats like worms and viruses, or kids in high school trying to compete to see how many email accounts they could hack. Over time, threats evolved to operating-system-based attacks like spyware and rootkits and became harder to find and to detect. These days, it's about advanced persistent threats and cyberwarfare, which have become a bigger and more serious problem.

Entire nation states are getting involved, meaning it's not just enterprises being impacted, but entire governments trying to defend against the same. We believe that the problem is going to get more serious. This is primarily because the attackers are not just mere machines but people, people who can think, react and modify their behaviours based on what systems you are putting in place, says Dayal.

According to the Cisco security business head, in 1996, the internet connected an estimated 13 million computers in 195 countries on every continent, including Antarctica. Since then, the internet has been quickly transcending boundaries and is estimated to reach 3.4 billion users by 2016. Enterprises and individuals are also increasingly aware of the potential that this enormous platform brings along with it. As more company data and personal information is stored and shared through the network, organisations are now cognizant of the hazards that could be brought about by any type of security breach. This awareness is propelling companies toward an age of informed decisions to employ technology and security in a more structured and cohesive manner.

In this cat-and-mouse game of security defenders versus hackers, the race against time and trends is getting more and more difficult. Cisco has recently collaborated with the Data Security Council of India (DSCI) to design a reference architecture for various industries to follow and implement for a robust security framework. In their joint study on the security landscape, 53% of Indian security leaders surveyed agreed that current solutions are incompetent to withstand sophisticated, targeted & persistent threats. However, business leaders today understand the importance of having a solid security infrastructure and are addressing this proactively. The reference architecture will help security leaders to choose the right security solutions and tackle the new security challenges and risks brought by new business computing models.

As we are ushering in a new era of capabilities around discovering and stopping threats, it is critical to look at the typical anatomy of a threat today and how we respond to it. Dayal feels that many of today's enterprises have Web and email gateways to stop infections from a user host. But it's very easy for the user to go outside the enterprise and get infected as there are too many infection points thanks to roaming internet access, a standard service used by most smart phone users. But once inside the corporate network, they'll move around throughout the enterprise, propagating from host to host to execute their mission. For a long time, enterprises have used cloud based threat defenses, but now customers are realising the need to add intelligence to detect things like known bad IPs, bad Web locations, which can help them analyse their networks better for bad stuff.

According to McAfee's Srinivasa Boggaram, companies in India, much like the rest of the world, are looking for cost-effective solutions that address regulatory mandates, mitigate security risk, and go beyond using security as an instrument to stop bad things from occurring and instead leverage security to enable more efficient, effective and agile business.

Technology vendors such as Cisco believe that creating awareness about the various routes in which security threats escalate and/or proliferate through the network is critical towards ensuring data security and integrity. For enterprises this is important because many Gen-Y employees adopt the "my way" stance at work; the widespread adoption of the BYOD phenomenon has also introduced a list of security challenges on a major scale.

In short, the threat landscape is changing and the way forward is to adopt a robust security framework that is dynamic and effective.