There are many definitions of cyberspace. Military agencies typically consider it the fifth domain after space, sea, air, and land. However, there is a fundamental difference between cyberspace and these four domains: they are geographical in nature, whereas cyberspace is a dynamic field that does not occupy any specific geographical area. Because it is continuously transforming, cyberspace can be said to be embedded in all the other domains. As it expands, its threat or attack surface expands proportionally. To comprehend the risks and challenges posed by cyberspace, we need to understand the emerging trends that are extensively broadening both cyberspace and its attack surface. The appearance of cyberspace depends heavily on hundreds of legal/regulatory, societal, economic, and technological trends.
The Internet of Things (IoT) is one of the most crucial technological trends. According to one estimate, 20 to 50 million devices will be connecting the world by 2020. Today, internet-connected devices are used in every kind of organization, including entertainment, manufacturing, and healthcare. The exchange of data in cyberspace is the need of the hour, but threats to the secure exchange of critical data are increasing significantly. The cyber pests are developing innumerable nefarious ways to attack both individuals and organizations. In February 2018, malicious actors seized two databases owned and operated by The Sacramento Bee, a newspaper company located in Sacramento, California. According to The Sacramento Bee, the attackers compromised the personal data of 19.4 million California voters and 53,000 subscribers.
Another major emerging trend is the use of cryptocurrencies. Cryptocurrencies like Bitcoin, SolarCoin, or Ether are significantly changing the finance sector, and they are also reviving the business of threat actors. Over the last couple of months, ransomware attacks on cryptocurrencies have increased by leaps and bounds. In June 2018, the Korean website Bithumb lost more than £20m worth of cryptocurrencies in a cyber-attack. In late 2017, North Korea targeted South Korean cryptocurrency users by launching a ransomware attack against them. The most commonly reported ransomware attacks are WannaCry, CTB-Locker, TeslaCrypt, CoinVault, Locky, and CryptoWall.
Another emerging trend is the use of wireless technology, which is indispensable for every organization irrespective of its shape and size. However, wireless technologies open the floodgates to cyber-attacks. The most prominent categories of wireless attacks include rogue access points, evil twin attacks, wardriving, warchalking, bluejacking, packet sniffing, WPS attacks, WEP/WPA attacks, and replay attacks. Distributed Denial of Service (DDoS) attacks also command the attention of the cybersecurity world. A DDoS attack is an attempt to disrupt the normal traffic of a targeted server, service, or network by overwhelming the target with traffic from multiple sources. DDoS attacks usually fall into three types: application attacks, bandwidth attacks, and traffic attacks. In July 2018, Akamai published a report on the biggest DDoS attacks that occurred this year. Akamai noted a 16% increase in DDoS attacks compared to the previous year. Also, 16% of DDoS attacks were noted at network layers 3 and 4, 38% of attacks were launched on the application layer alone, and 4% were reflection-based attacks.
Cyberspace is the dynamic and borderless field of the global village (the world). Emerging technologies and threat trends, including ransomware attacks, are growing tremendously in cyberspace. Technologies such as IoT, cryptocurrencies, and wireless technologies provide a great many potential avenues to hostile actors. Organizations today have to protect their critical data from these malicious actors in order to avoid heavy financial losses and fulfil compliance requirements, such as the stringent requirements of the General Data Protection Regulation (GDPR). To do this effectively, enterprises need to safeguard their IT infrastructure with reliable and effective security controls such as a SIEM system. Logsign’s SIEM system is one of the industry-leading security systems to protect organizations from the menace of cyber-attacks.