With the Equifax data breach that affected millions of consumers fresh in everyone’s minds, a program on cybersecurity couldn’t be timelier.
Alas, cyberattacks won’t stop anytime soon, but luckily there are strategies people and businesses can use to slow them.
That’s one of the key takeaways that a Silicon Valley software expert delivered as one of the keynote speakers for “Privacy and Security in the Era of Big Data,” the topic of the fourth annual Impact Symposium at Lehigh University in Bethlehem on Friday.
The full-day program offered panel discussions with a variety of experts exploring many topics under cybersecurity. Focusing on this issue is important, said Patrick Farrell, provost and vice president for academic affairs at Lehigh University.
“It will make people think very long and hard about where their information is kept,” Farrell said.
Cyberattacks have continued to grow into big business as compared to the first viruses of the 1990s, which were more of a nuisance or inconvenience, said Tom Gillis, CEO and co-founder of Bracket Computing, based in Mountain View, Calif. He led the discussion on data privacy and ways that cyberattacks have threatened security as a form of warfare.
GOVERNMENTAL AGENCIES ALSO VULNERABLE
Attacks have not only penetrated the networks of large corporations but also governmental agencies.
“The impact of cyberattacks keeps growing. It’s literally changed the fate of nations. It’s very clear that the Russians were involved in the DNC [Democratic National Committee] attack,” Gillis said.
Home Box Office also was a victim of a recent cyberattack when hackers penetrated its network and released scripts for upcoming episodes of the popular “Game of Thrones” show into the public domain.
“These attacks are very long in their duration,” Gillis said. “We think with Equifax, those attackers were in the network for three months, with HBO, possibly a year.”
Clearly, in the case of Equifax, the liability for the breach rests with Equifax, he added.
“Whoever has access to your data needs to be held accountable, Gillis said.
HOW TO RESPOND?
Part of the difficulty the nation faces is its ability to respond without opening itself up to further cyberbreaches.
“It’s a huge, vexing problem in the U.S. because we don’t know how to respond,” Gillis said. “You can’t always share this information freely. Once that is disclosed, then there is a vulnerability. It has to be fixed immediately.”
About 70 percent of malware, or malicious software, is unique to an organization, Gillis said. It is targeted and very difficult to stop infiltration. Furthermore, 81 percent of organizations are unable to detect new threats.
40 PERCENT MORE ATTACKS LAST YEAR
For an organization, the average cost of a breach is $4 million, while the number of attacks is growing.
In 2016, there were 40 percent more data breaches than compared to the previous year, Gillis said.
“People have found ways to profit from these cyberattacks,” he said.
The attack chain starts with a vulnerability, which is often the person who clicks on a suspicious email, though software itself can have bugs and malfunctions as well.
Either way, once the door is opened, attackers are on the move and can establish a foothold, escalate the privileges and expand and connect the attack so it moves from server to server.
“We need to look at ways we can isolate servers and slow or even stop the spread of attack,” Gillis said.
BUFFER FOR THE NETWORK
One preventive technique is through memory inspection, which involves looking at the server and examining all of its parts.
Through the use of a hypervisor, which is software used to create an abstraction between the hardware and the operating system, it’s possible that an attack could be stopped from penetrating the network.
“The hypervisor is the entity that sits between the operating system and the server,” Gillis said.
With Amazon and Google offering software-defined data centers across heterogeneous infrastructure, that architecture is going to normalize security, and a lot of organizations are starting to move to these cloud-based data storage systems.
“What it comes down to is, what are the core aspects of the server we need to protect? It stops them from getting persistence in penetrating the network,” Gillis said.
With memory introspection, organizations can put a harder layer around their assets, and advanced security needs to be in the hypervisor, not the operating system. Furthermore, memory introspection can harden the core of the server.
MORE FUNDING NEEDED
While the attacks won’t stop, they will slow, Gillis said.
“It’s not just a criminal that’s trying to profit,” he said. “There are organized government entities who want to disrupt the U.S. economy.”
It’s a problem that needs to be solved by policy, and the U.S. government is doing some of the right things but it also needs to be funded to address the problem, he added.
Furthermore, the line between what is public and what is private is blurring.
“Your activities online are public domain,” Gillis said.
Other topics of the symposium included the future of privacy and security in the era of the internet of things and how concern for privacy affects business practices.