Roadmap for a Defense System Against Notorious Cybersecurity Threats
You're reading Entrepreneur India, an international franchise of Entrepreneur Media.
As computer systems worldwide are becoming increasingly interconnected, cybersecurity is of paramount importance to protect them from attacks, which cost companies and governments a significant amount of financial and computing resources.
Defending against these notorious threats is a challenge because of the complexity of present-day hackers coupled with limited computing resources.
Thus, cybersecurity needs to be understood at a deeper level, which makes a multi-pronged approach necessary. Many cybersecurity start-ups have emerged that enhance the security of devices, applications and services to increase their resilience against attacks. Cybersecurity start-ups need to embody the following trends in a systematic manner to gain a strong foothold in the market.
Although machine learning has streamlined applications such as search, healthcare, biology and engineering, its applicability to cybersecurity faces significant challenges due to the complexity of present-day hackers and the varying requirements of security applications. At the most basic level, machine learning is used to distinguish between malicious and non-malicious data by building a profile of the application. Building on this, many cybersecurity start-ups have emerged that focus on enhancing security through attack modeling and prediction.
While machine learning can distinguish between normal and anomalous behavior, attackers may try to evade the profiling by creating numerous false positives. These limitations can be addressed by applying advanced techniques such as game theory for adversarial behavioral profiling. Game theory is used to model conflicting interests between communicating entities and has numerous applications in cybersecurity. To solve problems using game theory, it is necessary to understand the attacker and defender models and their corresponding strategies.
Credential theft is one of the most notorious threats, in which attackers use one of numerous mediums to steal the credentials of legitimate users. For instance, an attacker posing as an insider can trick a legitimate user by sending a phishing email, which causes the user to reveal sensitive information.
Defending against credential theft is therefore of significant importance, since countries like India are moving towards digital payment systems. A recent study has revealed that central and state government departments publicly exposed the personal data of lakhs of Indians. In particular, Aadhaar cards and bank accounts of people who were enrolled in government schemes were publicly displayed. To defend against these threats, personally identifiable information needs to be safeguarded and systems involving multifactor authentication need to be developed.
Rise of Ransomware
There continues to be a surge in ransomware infecting systems and preventing applications from running on them. Ransomware is a cyber-attack in which hackers take control of a networked system and deny access to applications until a ransom is received as payment from computing parties.
Statistics show that the “WannaCry” ransomware has infected more than 45,000 computers across the globe. This number is projected to grow unless proper security measures are incorporated during the design phase. In addition, Britain’s health care system, the National Health Service (NHS), was infected by a ransomware called “Wanna Decryptor”, which prevented patients from making any appointments.
Blockchains and Internet of Things (IoTs)
The digital currency Bitcoin uses blockchain technology to securely transfer money among computing parties. Blockchains involve trusted entities such as miners to verify and log transactions in a decentralized manner so as to prevent tampering by malicious entities.
Blocks are appended to the blockchain in a correlated manner. However, miners solve computational puzzles before logging transactions, which incurs a significant amount of resource overhead. Since applications of IoTs such as smart cities and smart transportation may involve transactions, many start-ups are investigating the applicability of blockchains for IoTs along with practical use cases.
Since IoTs are resource-constrained, the challenge lies in developing a dedicated infrastructure for blockchains and using it to securely communicate with the IoTs.
Embedded systems deployed in applications such as healthcare, transportation and aircraft are susceptible to a multitude of attacks due to the networked nature of these systems. Further, there remains a need for evaluating the security of these systems and analyzing their vulnerabilities.
For instance, embedded systems in cars are vulnerable to cyber-attacks due to weaknesses in standards such as Controller Area Network (CAN). Typically, there exist a number of legacy systems with improper security measures, as a result of which integration with state-of-the-art systems may lead to vulnerabilities. Since embedded systems are resource-constrained, traditional solutions may not be readily applicable in such environments. Finally, security solutions need to consider the requirements of applications coupled with the threat model.
A strong emphasis must be placed on cybersecurity education, which requires empowering people with strong cybersecurity skill sets. Companies need to incorporate security during the design phase of their products.
In addition to designing the products, they need to develop security teams which can not only warn or notify users of a potential hack, but also provide comprehensive support through a centralized control that can assist users in the recovery process. This can range from a simple packet inspection to more robust firewalling for defending against hackers. Thus, human expertise in cybersecurity is critical, and it needs to be integrated into products and services towards creating next-generation cybersecurity professionals.