The global rise in cyber insecurity is becoming costly and complicated every day as criminals keep advancing their weaponry inside the dark web. With such threat growing every day, experts are warning that internet users must make cyber intelligence an ongoing process if the war against the menace is to be won.
Maty Siman, founder and Chief Technology Officer of Israel-based cybersecurity firm, Checkmarx said the world must quickly learn how to scan source codes and fix vulnerabilities in real time.
“The use of nanotechnology in identifying loopholes in computer software, servers and the cloud remain a critical security layer in thwarting attacks,” he told journalists in Tel Aviv.
Israel is taking cybersecurity seriously and has accordingly invested in cutting-edge technology to combat it. The Israel National Nanotechnology Initiative (INNI) has been tasked by the Ministry of Economy with making nanotechnology - manipulation of matter on an atomic scale - the next wave of successful industry in the country by creating “an engine for global leadership”.
Mr Siman revealed that the technology was recently used by Checkmarx to detect vulnerabilities in the Android camera, raising concerns over the security of offline mobile applications. Such a camera is an easy target for attackers to secretly record videos, take photos, eavesdrop on conversations, follow browsing history and track user location, even when the smartphone is switched off.
However, he says, the company is using Machine Learning to get an edge over hackers by using advanced methodologies such as whaling – the process of collecting and analysing data used by cyber attackers – to destroy plans for espionage and bank theft which leads to an enormous loss in finances and customer trust.
“Because hackers are using AI to scale their attacks, we have gone ahead of them to use Machine Learning to train our systems how to detect even the most invisible worm, Trojan, botnet, malware, scripting virus, ransomware and spyware,” he said.
He warned businesses, government agencies and individuals against using third party software without any background check, saying this could be a trap to listen into your plans and secrets, giving the attacker a big chance to switch you off.
Udi Mokady, chief executive of CyberArk, another Tel Aviv-based internet security firm, said cyber professionals must now look beyond firewalls, since the cyber war is rapidly changing, and learn how to deal with sophisticated attacks on databases by people within organisations.
“You need an impactful security layer manned by experts with a deep passion for cybersecurity to keep a constant eye on what attackers are doing and liaise with global cyber intelligence groups to monitor the complexities of the cyber space,” he said.
As banks and airlines move to cloud-sourced services, experts advise that cyber security teams must blend their “offensive and defensive mechanisms” to adapt to the evolving concept of IT security.
The seismic shift to the cloud has come with new challenges whose solutions go past the owners of the platforms. This has raised the question of who is privileged in the new order. The experts term this a simple question with a complex answer.
“We lack legal hacking talent in this field. Ethical hackers are difficult to find, but we work with more than 100 other IT security firms to ensure customers are secure online and offline. Even an international treaty on cybersecurity may not be a permanent solution. Customers confuse compliance with security and expose themselves,” said Mr Mokady
“While hackers will never publish information about how they succeeded to hack a secured system, there is need to keep monitoring what they do. Don’t assume nothing is happening and feel safe online.”
Tel Aviv boasts of Deep Instinct, the first company in the world to use the dynamics of Deep Learning – a subset of machine learning – in cybersecurity. The firm explained how it keeps the world safe against the rising Deepfake technologies that clone faces and fingerprints of users and gain access to their bank accounts.
“AI-based malware, wipers, code injections, scripts, digital coin miners are advancing the complexity. We use Deep Learning to predict attacks using tens of different algorithms that detect and stop attempted security breach,” said Mr Guy Caspi, the firm’s CEO.
The Deep technology can train a machine on any data set, on any operating system and needs no connection to the cloud.
“Most of the time hackers feed you with the wrong data using fake proxies, so that you get the wrong threat intelligence and therefore the opposite action. You get hacked but you don’t know because you have not lost anything. With Deep Learning all these attack attempts can be detected,” he explained.
As thugs look for effortless ways to own cars, people have lost their locomotives in mysterious ways across the world. Moshe Shlisel, CEO of motor cybersecurity company GuardKnox GuardKnox Cyber Technologies said all a thief needs is a photo of your car key.
“That photo, usually taken by CCTV cameras, is used to make a clone of your car key and that’s how you start using public transport again. Even trucks full of goods disappear like that,” he revealed.
His company uses high tech device to secure connected vehicles through a Secure Network Orchestrator (SNO), a holistic software and hardware solution that protects a vehicle’s control system against attackers.
“We have a central SNO, that ensures security on a vehicle’s internetwork communications, assisted by a local SNO, which locks down a single electronic control unit. This has been effective in fleet management,” he noted.
Israel has a cyber-emergency response team under the National Cyber Directorate whose mandate is to scan the web to detect threats and take proactive measures to ensure security.
Citizens can call 119 whenever they feel insecure and action taken promptly. The ‘Start-up Nation’, as Israel is popularly called, has invested in cyber diplomacy, and monitoring is done in real time and data shared with global cyber intelligence organisations for faster action.
Hagay Katz, a cybersecurity expert at Check Point Software Technologies said the growing trend of malicious businessmen using other people’s servers for free to conduct business cannot be left to platform owners only to solve. “There is no security in IoT. The responsibility of securing the cloud must be a collective one as platform owners can never know everything and therefore can hardly guarantee 100 percent of uptime and security,” he said.
Companies and government agencies were advised to think collaboratively for a secure future for billions of connected devices and zillions of data, now that 5G networks are fast spreading across the world.