When most people hear the words cybersecurity, what do they think of? They may think of a hacker trying to get into an individual’s bank account, a company or organization’s computers being rendered unusable by ransomware, or they may think of an IT department at a bank trying to keep personal information safe from people who would steal it and then sell it on the dark web.
Cybersecurity is a topic that is not well known to most people, but it has already become a glaring personal and national security issue. In this article, I am going to cover why cybersecurity is important, what cybersecurity is, the risks that nations, business, and individuals face because of cybersecurity issues, and what the future may hold for the industry.
Why Cybersecurity is Important
So, why is cybersecurity important? Cybersecurity is important because it encompasses everything that pertains to protecting our personal information, intellectual property, data, and governmental and industry information systems from theft and damage attempted by criminals and adversaries.
Because of the massive increase in hacks and hacking attempts, cybersecurity has become an unavoidable topic of discussion in the past several years. Events that occur in the cybersecurity industry can and often do have global consequences and the possibility of catastrophic results.
It now seems that monthly, or sometimes even weekly, there is a segment in the news dedicated to discussing the results of a data breach at a major company, or a notice that hackers have captured a local computer network and are holding it hostage in exchange for vast sums of money (also called ransomware.)
Depending on the people doing the hacking, their goals and targets could be as simple as stealing personal information from people using public Wi-Fi, or they could be more devastating such as shutting down a city or country’s power grid to cause mass panic among the public.
Now that we have covered what makes cybersecurity such an important part of today’s digital world, we can take a deeper look into what cybersecurity is, the risks that nations, businesses, and individuals face because of cyber issues, and what the future may hold for the cybersecurity industry. Let’s start by diving in deeper into what cybersecurity is.
What Is Cybersecurity
As I briefly mentioned earlier, cybersecurity’s most important goal is the protection of information. This information can be login information for accounts, bank accounts and social security numbers, or personal information such as an individual’s name and address. The information in question can also be blueprints for a design and trade secrets, such as Apple’s next business opportunity or the new phone they are trying to create.
Cybersecurity can also take on a political aspect as well. Hackers could attempt to rig elections by compromising electronic vote readers in order to slant the vote totals toward whichever candidate they want to win the election. Since cybersecurity has many real-world applications that can cause disruption or harm to people, it has become an integral aspect of living in a digital world.
Cybersecurity also includes the aspect of keeping the networks that hold both personal and business information secure. This means making sure that the network being protected is hard to get into, and that employees know that people will try to trick them into divulging passwords and login information possibly over the phone or through email. The consequences of having information stolen by hackers can lead to anything from identity theft to the loss of millions of dollars in future product sales through the loss of future designs.
Because cybersecurity encompasses the protection of such a variety of digital assets, including data and information, systems, intellectual property and so forth, cybersecurity as an industry also has many different jobs and career paths. Examples of cybersecurity jobs are security analyst, security engineer, security architect, security administrator, security software developer cryptographer, cryptanalyst, security consultant, network engineer, network administrator, and forensic analyst. Each of these career areas have to do with the protection of some piece of data, information or system that must be protected.
Cybersecurity Threats Faced by Nations
Since most countries use the internet for one purpose or another, they are exposed to risks that can be used by their political enemies. Any example of such a risk is rigging elections. As mentioned earlier, if the vote counters used in a national election are connected to the internet, they in theory can be hacked, and the votes could potentially be switched to favor of one political candidate over another.
Another possible risk that nations are exposed to are possible government breaches. For example, the United States government certainly has devices within their Social Security Administration that are connected to the internet. This connectivity, while necessary, adds an extra layer of risk to the social security program because hackers could compromise machines in one of those networks, and could then hold networks within the Social Security Administration hostage using ransomware. While this has not happened to my knowledge, I use it as an example of a large-scale program that impacts nearly everyone that relies on the internet for functionality, and that reliance poses certain risks in our modern connected world.
Nations also run the risk of having sensitive information stolen from them, such as designs and possible military documents. In October of 2018, hackers stole data from South Korea’s Defense Ministry. The hackers reportedly breached 30 computers and stole internal documents from at least 10 of the computers. Reports say that the documents in question could have pertained to how South Korea would get its next generation fighter aircraft. Hackers were able to gain access to the network through a software server. The hackers then obtained administrator privileges on the server and started to get documents from computers that were connected.
Along similar lines, the United States has accused China many times of intellectual property theft. China has supposedly stolen trade secrets from defense contractors in the United States on multiple occasions and has targeted United States-based for-profit companies as well.
Even smaller governments are at risk. For example, the city of Baltimore (and the city of Atlanta before that), had government systems compromised that were held for ransom by hackers. Current estimates for the city of Baltimore put the cost of damages at over 18 million dollars, all of which resulted from the cyberattack and the cities vulnerability to it.
Cybersecurity Threats Faced by Companies
Many of the risks nations face due to cyber threats are also shared by businesses. Businesses can be targets for intellectual property theft and can also be targeted for ransomware attacks. Designs, insider information, and future business plans can possibly be stolen or compromised by hackers. Both large and small businesses can have employee information. Their information can be stolen, and employee accounts would then be compromised.
For almost all businesses, there is no way to completely avoid these risks. Businesses in today’s world rely heavily on connectivity, whether that be websites, VPNs for remote employees, or connections to vendor systems. This alone exposes the business to the possibilities of hackers targeting the network and attempting to steal information. Businesses can lose a tremendous amount of time and money if they are hacked or find that their information has been compromised.
The Target breach is a prime example of the risks businesses face due to cyber threats. In 2013, hackers were able to compromise 40 million payment card accounts and 70 million customer records. Hackers were able to gain access to Target’s network through a server by using stolen third-party vendor credentials in November of 2013. The hackers then exploited weaknesses in Target’s system and gained access to an internal database, installed malware on the system, and captured full names, addresses, and payment information from the database. This breach shocked both the cybersecurity community and the public, because at the time it was one of the largest breaches to occur in the United States.
Businesses also face the risk of having hackers attempt to compromise their network for political gain. In 2014, North Korea was found responsible for hacking Sony Pictures because of an upcoming satirical movie that included the assassination of their leader, Kim Jung Un. Some hackers also try to compromise business networks for the sake of building a reputation or bragging rights when financial gain is not the main focus.
Why Businesses are Targeted by Cybersecurity Hackers
Businesses are very tempting targets for hackers. If hackers can get personal information of a business’ employees, they can sell that information on the Dark Web. The dark web is a part of the internet that is only able to be reached using special software. It is not regulated by any government, and acts as a digital black market where people can sell or share things that are illegal or frowned upon by the majority of world governments.
Businesses that hackers typically target are financial institutions like credit unions, banks, savings and loan associations, investment companies, brokerage firms, insurance companies, and mortgage companies. Online retailers like Amazon, Apple, Walmart, and Target are also very tempting targets, with Target falling victim to a data breach back in 2013 and mentioned above.
Another noteworthy point is that hackers don’t only target large corporations. Small and medium sized businesses are targeted heavily by hackers, with more than half of small businesses in the United States having suffered some type of hacking attempt within their first five years of business.
Cybersecurity Threats Faced by Individuals
Not only do nations and businesses face threats from the actions and intentions of hackers, but individuals face many risks as well. It is possible for hackers to commit identity theft after stealing an individual’s personal information such as age, name, where they live, and financial and payment information. As mentioned earlier, that information can also be sold for profit.
This also puts the personal safety of an individual and his or her family at risk. Depending on the financial status of the individual, criminals could potentially pay to get the individuals personal address and then make plans to rob the home if the individual in question has lots of wealth. Another possibility that hackers could act on is using that personal information to commit blackmail or extortion. This is extremely likely if the person in question has a high social standing and lots of material wealth.
If a hacker is able to compromise an individual’s home network, there is a lot more that they may be able to do. They can hold personal information for ransom by infecting a home computer or device with ransomware. Hackers can also use stolen personal information to commit identity fraud, file fraudulent tax returns, apply for loans, create counterfeit credit/debit cards, pay bills, transfer money from your accounts, make fraudulent insurance claims, buy medicine for themselves, make fraudulent online purchases, or use your information to your target friends or family in hopes that they can get them to divulge personal information of their own.
Each of these possibilities can have serious ramifications to an individual’s personal life. For example, a hacker could get a person’s banking information and then steal money from their account. They could also take the money and use it to pay their personal bills or debts. Insurance information can be taken and used to make fake insurance claims and cause the person they stole the insurance information from to face accusations of insurance fraud. The easiest option for hackers to use stolen personal information is to commit identity theft. Identity theft is also something that can prove to be a huge hassle to resolve. Once hackers have your personal information, they can also attempt to steal your tax refund as well. One possible way that hackers can easily steal personal information is by capturing data in public spaces such as coffee shops or shopping malls. The best way to prevent data being stolen in a public setting is to not log into banking services or online retailer profiles while in public.
The Future of Cybersecurity
Now that we have gone over how hackers can target, obtain, and use personal information, we go over how the industry of cybersecurity can change in the future to keep personal information as safe as possible. To do this, we will go over five trends that could be changing the cybersecurity landscape for many years to come.
Trend 1: Cyber Security Automation. One trend that is sure to make an appearance is the use of artificial intelligence to aid cybersecurity analysts in protecting networks and personal information. As the size of networks grow larger, and the amount work needed to adequately protect the networks grows as well, automation and artificial intelligence may be implemented to play a role in the day to day work of analysts to help them properly monitor network traffic. However, this is highly dependent on the current enterprises and how quickly their networks and workloads grow over time.
Trend 2: Mobile Devices Become Cyber Threats. With many businesses bringing tablets and phones into their list of used devices, they also become devices that need to be protected from hackers and other cyber threats. Compounding this with many company’s BYOD (Bring Your Own Device) policies allowing employees to bring their cell phones with them to the work place, these create a significant challenge for companies to keep their internal networks safe.
Trend 3: IoT Becomes a Target for Hackers. Hackers will begin to focus on devices that are not commonly thought of when defending a network. IoT (internet of Things) devices, which are devices that have a connection to the internet will start to become target for hackers when they are looking to break into networks or steal personal information. Internet of Things devices include a huge number of devices that are now connected online, including security systems, appliances, televisions, personal health devices and home assistants, such as Amazon Echo, for example.
Trend 4: Businesses Train Employees to Handle Social Engineering. A growing trend for 2019 will be businesses training their employees to handle social engineering attempts from hackers. Companies hope that doing this will help to keep their networks safer from hackers.Social engineering is becoming a significant threat for businesses in today’s digital world. Hackers will stop at nothing to compromise a network, which can result in them targeting a business’ employees. They do this by calling or emailing an employee and making themselves sound like an executive or current employee from the company. The hackers hope that the targeted employee will send the hacker a username or password so that the hacker can log into the company network and begin to steal information or further compromise the network. This is a serious threat to every business.
Trend 5: Cyber Concerns May Result in Increased Regulations and Legislation. With cybersecurity threats targeting both corporate and federal networks, increased regulations and legislation may soon become a reality. If legislation for cyber threats does materialize, a main topic of concern would most likely be the security of the election system and devices that will be used in the 2020 presidential election. Businesses will also step up their cybersecurity policies and regulations as new cyber threats emerge.
Cybersecurity is a very important topic and has very severe consequences when not properly addressed. It focuses on keeping networks secure and information safe from hackers. Cyber threats can have ramifications for individuals, businesses, and in some cases entire nations. Upcoming trends for cybersecurity include increased automation and inclusion of artificial intelligence, mobile devices becoming a threat to businesses, internet of things devices becoming targets for hackers, businesses training employees to deal with social engineering, and cyber threats resulting in tougher regulations and possible legislation.