The event was attended by guests and specialists in the cybersecurity sector, which are the main focus of our digital everyday life. Here is more from the discussion.
Diana Stefanova, Vice President of Global Sites Strategy at VMware, said that the Global Security Insights 2020– study involved 14 countries from all around the world, which makes it extremely comprehensive. The results can be defined as very interesting. 542 professionals from the cybersecurity industry took part in the study. 70% of them have stated that they have suffered at least once a breakthrough in the systems. 69% reported an increase in attacks by 60-70%. Stefanova commented:
“Thanks to COVID, we have had to move towards accelerated digital transformation. This has placed new challenges for security teams. 80% of the participants believe that they have been the subject of cyber-attacks because of the majority of employees working from home.”
Diana Stefanova gave an example of what happened to Colonial Pipeline, who were forced to pay a ransom to hackers in order to resume their work. Another example she mentioned was T-Mobile. According to her, in such cases, companies must react reactively.
According to the study, 79% of respondents say that cyberattacks have become more challenging and more difficult to deal with. Among the leading reasons of this, the study identifies several reasons:
14% responded that this is due to outdated processes, technologies and methods of organizations.
According to the panellists, some of the security measures that we should consider include Internal policies and updated technology. 98% of the respondents commented that they use the Cloud-first approach, which turned up to be a double-edged sword.
The key challenges that the companies have to overcome are three:
Too many surfaces to defend
Too many silos
Too little context.
Diana Stefanova introduced Ventsislav Pochekanski, the leader of the Carbon Black team at VMware, who is completely focused on security. Carbon Black is a new team for Bulgaria, built in the last year and is the main unit of VMware. He commented:
“More and more employees are mobile and work with different points of view, which is a problem. Multiple end devices are used to access the data. Organizations maintain their traditional applications, but also develop new ones. Both new data centres and new cloud technologies are available, and it is also important to use extremely complex networks to provide connectivity between customers, users, etc.,”
According to him, there is a lack of context in the operation of these protection systems. The goal is not to protect individual components, but the entire system. Pochekanski also said that systems must see all components of protection and understand the interconnections on them.
“Our vision at VMware is for a security system that is built into the infrastructure, instead of many tools that we need to take care of, update, maintain, etc.,”
According to him, there is a lack of context in the operation of these protection systems. The goal is not to protect individual components, but the entire system. Pochekanski also said that systems must see all components of protection and understand the interconnections on them.
“Our vision at VMware is for a security system that is built into the infrastructure, instead of many tools that we need to take care of, update, maintain, etc.,” he said.
The moderator of the meeting was Boycho Popov, Editor-in-Chief of Investor. bg, as well as a presenter at Bloomberg TV, who also introduced Yuri Genov, Executive Director and Head of IT and Operations at DSK Bank.
“The work of global companies and the publication of such research provide a good insight into how the market is evolving. We were very careful during the pandemic and focused on these aspects of staff work. It is always good for someone with authority to confirm what is happening on our market, “
What actually matters is that managers are starting to focus more and more on this topic. What the statistics show is that incidents are increasing dramatically – in 2019 attacks were less than 1000, in 2020- around 2000, and in 2021 the expected number is 3000. There are several reasons behind this:
But how does the transition to a virtual work model affect cybersecurity?
According to Yuri Genov, the current situation taught society many things, better discipline, better security measures, etc. As threats grow, so does the culture of citizen behaviour, awareness, and precautionary measures against phishing attacks. Security is not just about finance, because the problem covers bigger and bigger perimeter. The Cloud increases data security, but its model increases the potential for problems. Security starts with people’s behaviour and habits and is developed and supported by technology.
The discussion was also attended by Georgi Sharkov, who manages the interface of a software institute – Center for Eastern Europe and the Laboratory of Cybersecurity in Sofia Tech Park.
“Both phishing and ransomware attacks are on the rise because of the pandemic, but also because of the virtualisation of education, shopping, communication and our lives in general. The infrastructure and the environment in which communication is changed. New signals for attacks and imagination have also appeared on channels that have not yet been presented in Bulgaria,”
Vihren Slavchev made an interesting emphasis on new technologies such as AI, ML and Deep Learning. Their applications are very large and one of the reasons for their widespread penetration is that they can be applied on both the good and the bad side.
“We know how drones save lives, make deliveries, etc., but they can also hit military targets with extraordinary power. In terms of cybersecurity, we are at war. It runs between machines and machines. We position software, algorithms and centres, 95% controlled by AI. On the other side are those who attack. They use AI, which studies and analyses your behaviour so that it launches the attack very successfully. Even in a prepared organisation, we see phishing emails that are incredibly neat and done with research for months. Despite years of experience behind many specialists, out of 10 phishing emails, they manage to recognise 6, 7. At some point, people will become spectators of this war and as such will lose control.
On the question of who will win the war, Slavchev noted that historically, the attackers are always one step ahead. On the other hand, the defence must be approached with a great deal of study of all models of attack. Serious research is needed and millions of dollars can be spent on defence, but the weak link in the human factor, that could open the door and welcome the enemy every time.
Georgi Sharkov continued the military analogy, saying that there are no unconquered fortresses in world history. The defender is always in an unfavourable situation.
“A fortress that is not designed to be protected cannot be. We need to think about how to design the protection. The attackers have no ethical, moral or regulatory restrictions on the use of funds. They have an advantage. The AI itself needs to be protected! AI’s cybersecurity is a very important aspect.
He added that in all wars, there is no winner, and cyberspace is not an exclusion. Sharkov also said that artificial intelligence is the only tool that could help against enemy AI.
On the question asked by DevStyleR “What are the three steps that a company must take after an attack”
Ventsislav Pochekanski commented that if companies are thinking ahead, they need to ensure maximum protection for vulnerabilities and the traditional, outdated applications that are used. They are often attacked and this is done through constant monitoring. Current behaviour-based protection systems should also be used. It is also necessary to ensure the protection of internal systems. But when it comes to a cyber attack and a ransom demand, there is no technological solution.
Vihren Slavchev emphasized another curious thing – should the ransom be paid? If the company can recover relatively quickly, then there is no need. But attackers often destroy backups, which is already a big problem. He also noted that talks are underway to criminalize the payment of ransom.
As protection steps, first, he listed “trust a professional” because “pulling the cable and cutting services” is not good. Also, you need to isolate the perimeter. As a third step, you must have a crisis plan because if everything is done at the last moment, then it becomes very complicated.
Yuri Genov agreed that every company must have a ready-prepared plan and that Bulgaria has systems in place to interact with national authorities. He is of the opinion that the legislation should be observed and authorized persons should be dealt with. There are well-prepared organizations that can help, and paying a ransom should be an incredible last resort to save a business.
]]>One of the internet’s foundations just got an upgrade. Quic, a protocol for transmitting data between computers, improves speed and security on the internet and can replace Transmission Control Protocol, or TCP, a standard that dates back to Ye Olde Internet of 1974.
Earlier this week, the Internet Engineering Task Force, which sets many standards for the global network, published Quic as a standard. Web browsers and online services have been testing the technology for years, but the IETF’s imprimatur is a sign the standard is mature enough to embrace fully.
It’s extremely hard to improve the internet at the fundamental level of data transmission. Countless devices, programs and services are built to use the earlier infrastructure, which has lasted decades. Quic has been in public development for nearly eight years since Google first announced Quic in 2013 as an experimental addition to its Chrome browser.
But upgrades to the internet’s foundations are crucial to keep the world-spanning communication and commerce backbone humming. That’s why engineers spend so much effort on titanic transitions like Quic, HTTPS for secure website communications, post-quantum cryptography to protect data from future quantum computers, and IPv6 for accommodating vastly more devices on the internet. Jana Iyengar, an engineer who helped lead Quic standardization at internet infrastructure company Fastly, said in a blog post:
“The internet transport ecosystem has been ossified for decades now. Quic is poised to lead the charge on the next generation of internet innovations.”
In a 2017 research paper on Quic, Google said its in-house version of the technology cut the wait for web search results by 8% on PCs and 4% on phones. The time that people wasted on YouTube buffering dropped 18% for PC users and 15% for mobile users.
Transmission Control Protocol governs how data is sent from one computing device to another across the internet. TCP and Quic work in conjunction with another seminal standard, IP, short for Internet Protocol. TCP controls how data is broken up into packets that are individually addressed, sent across the internet’s routing infrastructure and then reassembled at the other end of the connection.
It’s TCP’s job to make the internet resilient enough to withstand nuclear attacks. Among other things, TCP handles how connections are established and how to recover data packets that are lost in transmission.
]]>