Artificial Intelligence – Helping Cyber Security

Artificial Intelligence

Artificial Intelligence (AI)  is now playing a significant role in helping to managing cyber risk. This was recently evident in the aftermath of the Nordsk Hydro ransomware attack where AI was utilised to identify further vulnerabilities.

This form of automative technology would seem to be a good match for managing the constant threats posed by hackers where new cyber attacks relentlessly attack computer systems and constant monitoring is required. Despite the automation basis there however still needs to be human involvement in this process.

How Does AI Work ?

Billions amounts of data is consumed by AI via machine learning and deep learning techniques. This makes it possible to improve and develop its cyber security bank of knowledge which ultimately provides a better understanding of existing and developing cyber risks.

AI utilizes reasoning in order to identify relationships cyber threats malware threats and dubious IP threats . This is then analysed in a very short period of time thus enabling users to respond and act on imminent cyber threats.

Where can Artificial Intelligence be used ?

  • Monitoring of computer systems
  • Predictive tool for new threats
  • Analysis of threats based on current activity
  • Monitor Human activity
  • Post data breach tool
  • Detection of viruses and malware

The Future 

Capgemini released a report last month “Reinventing Cybersecurity with Artificial intelligence”

https://www.capgemini.com/wp-content/uploads/2019/07/AI-in-Cybersecurity_Report_20190711_V06.pdf

The report revealed that 69% of organisations felt that AI will be necessary to respond to cyber attacks in the coming years. Telecoms in particularly were of the view that this would help mitigate the sizable losses already experienced in this sector. Many organisations are gearing up for testing the viability of AI and how it can help their cyber risk management processes. Budget provisions for this are being made as long term there are many  costs benefits in AI.

Artificial Intelligence is developing at a rapid rate and it is important that its application remains relevant to the cyber security sector as other industries also show an interest in this technology.

Image : Shutterstock

Loss of Reputation – The Biggest Cyber Threat ?

Loss of Reputation

Is the loss of reputation on the biggest cyber threats that a business faces today ?

A good reputation takes a long to build up but the emerging cyber threat landscape can ruin this reputation in a matter of hours. It is important therefore that businesses have in place a loss mitigation plan in place in order to manage this disaster case scenario.

One of the highest profile cyber attack in the UK was the data breach at TalkTalk where the long term consequences of this still being felt within the business today.

The impact on the reputation a business of a data breach 

  • Loss of existing customers
  • Loss of confidence in the business
  • Competitors exploiting the situation
  • Share price of the business
  • Loss of future earnings
  • The stigma of a data breach
  • The attractiveness of future investment in the business
  • Attracting new employees
  • Bad management of the data breach

Be Prepared 

It is essential that the business has an incident response plan in place in order to manage the cyber attack and the ensuing  fall out that will inevitably occur.  This would include a crisis management and business continuity plan.

These should be regularly updated with “dry runs” carried out in order to ensure that they work effectively..

Cyber Insurance 

This specialist form of insurance can help manage and mitigate a cyber attack at both the very early stages of a data breach and also help the business through the process. This is facilitated through the incident services that an insurer offers as part of the policy benefits . This includes public relations consultants and access to a solicitors so that sensitive data can be handled in the most effective manner.

The policy also provides coverage for reputational harm or business interruption coverage modules, typically this would encompass loss of profits and increased costs of working as a result of the data breach.

Policy wordings and intent vary considerably in the insurance market and it is therefore important that an insurance broker with a specialism in this area is utilized.

Image : Shutterstock

The Cyber Threat to Critical Infrastructure

Cyber Threat

The operation of Critical Infrastructure in the UK is pivotable in the safety and economic prosperity of the country…. but what protection is being provided to mitigate the cyber threat posed by hackers ?

We are seeing increasing threats to key infrastructure such as airports and power stations with the cyber threat now emerging as a very real risk. This concern is also now at the forefront of governments on both sides of the Atlantic with initiatives being put in place to protect our critical infrastructure.

Europe – The Network and Information Systems (NIS) Directive 

The European Commission agreed to implement the Network and Information Services Directive in late 2015 as reported in our post http://cyberbrokers.co.uk/cyber-security/   

This Directive needs to be complied with by May 2018 however according to a report by Corero Network Security suggests that it may prove difficult for certain sectors of the UK’s critical infrastructure to achieve this. The report found that 39% of the critical infrastructure in the UK did not reach basic cyber security standards. Key sectors were the NHS and the police.

https://www.corero.com/company/newsroom/press-releases/uks-critical-infrastructure-skipping-basic-cyber-security-checks-and-ignoring-ddos-threats-/

The main reason for the Directive is to increase the security of Network and Information Systems within the European Union with the aim to bring the following:-

  •  Minimum standards of cybersecurity for banks, energy, transport , health and water utilities.
  •  EU-wide rules on cybersecurity.
  •  Cooperation between EU companies on cyber security
  •  The sharing of information of breaches
  •  Best practices in cyber security
  •  Mutual help in securing a country’s critical infrastructure

In addition to critical infrastructure these regulations will apply to certain technology firms and it is possible that this will also be applicable to major online marketplaces, such as eBay and Amazon, and search engines such as Google.

Last month the Government launched a consultation paper which sets out the proposed implementation in the UK which will also reflect the UK departure from the EU. The consultation will ascertain the views from industry, regulators and other relevant parties

The consultation will cover the following :-

  • The essential services the directive needs to cover
  • The possible penalties that could be applied
  • The authorities that will regulate and audit specific sectors
  • The security measures that will be imposed
  • Appropriate timelines for incident reporting
  • Assessment of the impact on Digital Services Providers

https://www.gov.uk/government/consultations/consultation-on-the-security-of-network-and-information-systems-directive

USA – Homeland Security – The Presidential Policy Directive /PPD-21

The main purpose of this directive is to provide the provision of strategic guidance and to promote the security and resilience of the US’s critical infrastructure.

Within this directive Homeland Security will support the following:-

  • Identify and prioritize critical infrastructure, considering physical and cyber threats and vulnerabilities.
  • Maintenance  of national critical infrastructure centers in order to provide a situational awareness capabilities  about emerging trends and imminent threats
  • The coordination of appropriate bodies and Federal departments to provide analysis, expertise, and other technical assistance to critical infrastructure businesses
  • Facilitate the exchange of information and intelligence necessary
  • Work to improve the resilience of critical infrastructure against cyber threats
  • Annual review of the protection required by statute to protect national critical infrastructure.

The critical infrastructure of a country’s is a prime target for hackers and it is therefore essential that appropriate cyber security standards are in place and that this continues to keep place with the changing cyber threat landscape.

Image : Shutterstock

Rio 2016 – The Cyber Threats

Rio 2016

Rio 2016 is here …..expectations are high for another GB medal haul,  but this major sporting event is inevitably going to be a target for cyber attacks

Some facts that will make Rio 2016 a draw for hackers  …

  • Brazil is already recognized as hub for cybercrime ranking 10th in the Symantec 2015 Internet Security Threat Report
  • London 2012 experienced 165 million attempts to breach cyber security , at Rio 2016 it is anticipated that this could be 4 times this….
  • 5th August to 21st August presents a significant window for hackers to exploit
  • 37 Venues
  • 306 Events
  • 10,500 Athletes
  • 206 Countries participating
  • 7.50M Tickets available for the events
  • 500,000 overseas travelers expected in Rio de Janeiro

Why The Olympics?

Major sporting events grab the attention of the entire world but unfortunately this also attracts elements of the population who perceive this as an opportunity to be exploited  ….. the world of cyber crime.

The threat that cyber crime poses to an event such as this is similar to that which exists for any other business but on a much larger scale and with more dramatic consequences due its high profile and the many threat vectors that exist.

The Cyber Threat Landscape

Some of the targets for cyber criminals are likely to be the following :-

1.The Official Rio 2016 Website

Distributed denial of service (DDoS) attacks preventing access to website by fans.

The accessing of the website by hackers, altering the data such as falsifying the results and interfering with medal tables.

Defacement of the website by a hacktivist.

Spectators and visitors will no doubt access the website via Wi-Fi and vulnerability will exist if they inadvertently log in through a rogue Wi-Fi connection which could lead to the stealing of their personal data.

2.Event Tickets

Ticket fraud with the setting up of bogus websites taking fans money and issuing counterfeit tickets.

Website scamming offering last minute match day tickets for the big events with no ticket actually being produced.

3.The Venues

Technology will be pivotal in all aspects of the running of the 37 venues being used in Rio 2016. Entry to the venues, ticketing processing, management of lighting and associated infrastructure would all be impacted in the event of a cyber attack.

4. Competitors Data 

The event will involve a huge amount of data ranging from credit card data of spectators, athletes confidential information or the database of the organizers which is likely to be targeted by hackers. This could occur through phishing attacks in order to steal personal private information (PPI)and then lead to possible bank fraud of individuals. Brazil does have an established reputation for on-line banking fraud.

5.E-mail Transmission

E-mail scamming could be caused by bogus e-mails set up to obtain athletes and officials personal information that could be disseminated over the internet. The endless sending and exchanging of e-mails also presents an opportunity or spamming.

6.Media Coverage

World wide coverage will be provided to this event by television companies who will be reliant on technology and the service could be interrupted or even blacked out by a hacker wishing to cause transmission downtime. For example a video re-run of the 200 m final could be disrupted by a ransomware attack.

7. Computer Network 

The spreading of a malware attack within the internal computer network and third party providers could cause enormous interruption to the running of the numerous events taking place. The reliance on technology reaches far and wide ranging from the transportation network to close circuit TV surveillance systems.

8. Mobile Applications 

Fake mobile apps devised by developers to give the impression of the official Olympics app. Smartphones area also at risk if stolen and personal data is sourced.

9.Cyber Terrorism

Cyber terrorism could occur in a number of forms. A ransomware attack would limit or entirely restrict the use of computer systems affecting the running of Rio 2016.

There may be political motivation from countries that want to disrupt the Olympics. This could be to make a political stand on an issue or perhaps a country that failed to win an event or perhaps a competitor that was disqualified and the country that was represented takes retaliation.

The threat of remotely controlled drones by cyber terrorist entering an event causing disruption and delay to matches.

10.Social Media

Infiltration of social media websites by hackers of the tournament and personal accounts pose a threat to fans , players and officials privacy.

Cyber Risk Management Program

The International Olympic Committee will no doubt have in place a comprehensive cyber risk management program to manage the programs of events which is likely to be broken down into the following :-

  • Identification of cyber risk vectors
  • The mitigation of cyber risk within the tournament
  • The transfer of residual cyber risks that they are unwilling or unable to manage.

Cyber Insurance

Cyber Insurance can assist with the transfer of cyber risks associated with sporting events by providing the following insurance modules :-

  • Network Security Liability
  • Data Privacy Liability
  • Multimedia Liability
  • Network Business Interruption
  • Data Asset Protection
  • Cyber Extortion
  • Crisis Management

A cyber insurance policy also provides post breach vendor assistance helping with data breach notification , forensic investigation and public relations.

Rio 2016 is global event that is reliant on technology which does make it especially vulnerable to cyber security threats, it is therefore important that these are recognized and measures are put in place to mitigate the potentially severe consequences that could impact on the games.

Image Credit: rvlsoft / Shutterstock.com