Rather than attempt to thwart hackers by making it costly and difficult for them to launch attacks, which will also increase costs for the defenders, a more effective strategy may be to deflat the value of successful breaches and employ a decentralised security approach. With billions of Internet of Things (IoT) devices expected to be connected to the web by end-2016, a more appropriate tactic would be required to better combat potential attacks, said Dino Dai Zovi, mobile security lead at Square, during his keynote Thursday at Black Hat Asia 2016 held in Singapore. "With IoT, there's need to decentralise trust... Having ultimate trust in all these devices will be increasingly dangerous. If we can decentralise trust, we can ensure overall safety," Zovi said, noting that distributing control and data sharing on these devices would prevent one breached device from being used as ransomware or to infect others on the same network, such as a personal home network. There also should be "an anchor of trust" tasked to provide the main layer of security, where a hardware-based mechanism would most easily facilitate this.
"The industry will continue to focus on refining systems, applications, software, security and network infrastructure to meet their needs. Machine learning is the megatrend: its application and influence, particularly on our mobiles, will be improving all parts of our lives in 2017," he said. So begins Deloitte's annual global TMT (Technology, Media, and Telecommunications) report, that since its inception in 2001 has reached an 87% prediction accuracy rate. The report is long but makes for interesting reading. Deloitte Australia forecasts a year that will see further significant breakthroughs in machine learning, indoor GPS navigation, safer travel in motor cars, more cyber mischief and a growing use of biometric security.
As a domestic EgyptAir flight was hijacked and forced to land in Cyprus, Egyptians took to social media on Tuesday and made light of the situation, saying they wished they were on board to escape the country's woes. On Twitter, the Arabic hashtag "I wish I was with them" received strong traction online, becoming a top trending topic in Egypt. Seif el-Din Mustafa, an Egyptian passenger, stands accused of hijacking the flight headed to the Egyptian capital from Alexandria, but that ended up at Cyprus' Larnaca airport instead. Mustafa allegedly threatened the crew with what he said was a suicide vest, which later was found to be fake. Following the news, social media users in Egypt expressed their envy over how a domestic flight managed to land in Europe.
Organizations quite often spend millions of dollars on deploying various technologies on cybersecurity to defend against data breaches. Despite that, devastating hacking continues to occur. Let's not forget the breaches at Target, Sony, Home Depot, along with the recent theft of millions of dollars from a Bangladesh bank by attacking financial transaction network SWIFT and the many examples of ransomware in news headlines this year. Does it mean that the technology is not advanced enough to outwit hackers? The race between security professionals and hackers seems to be a never-ending game, and hackers are seemingly always ahead in this race.
The UK government statistics for 2016 reported that 65% of large firms detected a breach in the previous year, a quarter of which occurred at least once a month. More worryingly, a report by Gartner shows that 80% of all security incidents go undetected by the breached organisations, so the rates of cyber attack are higher than we realise. The costs of cyber attack can be crippling, as highlighted by the media in their coverage of the various incidences that have rocked the IT security world in the past few months. Seemingly robust and industry-leading organisations such as Yahoo have suffered large-scale hacks, while attacks on financial institutions provide very real examples of what customers and businesses stand to lose by being the victim of a cyber attack. When Tesco Bank was hacked in 2016, £2.5 million was stolen from customer accounts, and the recent Lloyds Bank attack saw 20 million customer accounts compromised.