In the fight against cybercrime, we have been playing a losing game. For every step forward, we move two steps backward, as new technologies do more harm than good. As insecurity is increasing amongst the general population, it's time for a sweeping change. This is precisely why we need to discover the flaws in our strategy to fight cybercrime, and correct them while there is still time.
It should also be noted that another futile claim made these days is that antivirus programs or firewalls offer dependable security. Although it is true that an updated antivirus program helps with security, it can only keep your PC protected from the most common infections or malware. It cannot protect you against the threats that emerge on a daily basis.
The attackers who design such malware test it against mainstream antivirus programs, and only those samples which can withstand the firewall are deployed. It takes a while for antivirus companies to identify and target these new threats and to figure out how to deal with them. Moreover, if the malware is adaptive, that is, it changes its behavior according to the environment, it becomes very difficult to spot. Even firewalls are good only as long as the attackers are humble enough to reveal their entry and exit. However, no hacker is kind enough to do that.
A brilliant example of this is Heartbleed, which exfiltrates data from the host by dressing up in a legitimate guise. As is often said, the best way to escape the prison is by wearing a prison guard’s uniform. In short, antivirus programs and firewalls are defenses against yesterday’s problems, not tomorrow’s.
So what can we do about it? In reality, we would need to anticipate future threats and be prepared against them, as much as we can. A start in this direction is to look at what the hackers are doing and try to stop them. Britain’s Centre for the Protection of National Infrastructure, widely referred to as CPNI, has prescribed ten easy recommendations which could secure against 80 percent of the breaches if properly implemented. These are briefly explained below:
- Firstly, know the person in charge of your computers and networks and the risks associated with them, such as the information to be protected, potential thieves, etc. This is called an Information Risk Management Regime (IRMR).
- Making rules regarding the computers and devices in your possession: who is allowed to connect to your networks, regular testing of the networks, etc.
- Identifying the present network security measures: the presence of firewalls, contingencies in case of a breach of firewalls, etc.
- Rechecking the user privileges granted to ensure that privileged information is not compromised.
- Training staff on properly using your networks: making sure credentials expire as soon as personnel leave the organization, outsiders being given restricted access, etc.
- Having a contingency plan in case of a breach of data and network.
- Being ready for malware attacks, taking necessary precautions.
- Checking the external devices for malware before they are used.
- Framing policies on monitoring of traffic to avoid privacy implications.
- Keeping tabs on where the data is being stored, what devices are being used and rules about people working from outside the office.
These measures are easy to follow and, combined, they have the potential to deal with the majority of daily threats to our computers and networks.