Staying Ahead in a Vulnerable World
With an estimated economic impact of $400bn in 2016, it's no wonder that cyber security continues to be a core concern across the world. Srinivasan C.R. — Senior Vice President, Global Product Management & Data Centre Services at Tata Communications shares key insights on data protection in an increasingly connected world, and how individuals, businesses and governments can keep their vital information secure.
By: HT Brand Studio
There's no doubt that the increased proliferation of technology and the internet has made our lives easier and far more connected. At the same time, this hyper-connectivity has also increased the vulnerability of our data and systems. In 2016 alone, cyber-attacks have set off multiple alarm bells across the globe. From leaked debit card information and emails and hacks on high-profile Twitter accounts to full-blown DDoS attacks targeting multiple websites, the past year saw a plethora of advanced and innovative security lapses across the world. And with cyber-criminals constantly evolving new methods of attack, it's now up to enterprises, governments, and individuals to understand exactly where they are vulnerable and how their vital data and information can stay protected.
In an interview with HT Brand Studio, Srinivasan C.R. – Senior Vice President, Global Product Management & Data Centre Services – Tata Communications, shared insights on the growing menace of cyber threats. He also outlined some of the measures that enterprises can take to future-proof their businesses as they continue on their path to digitalisation.
Over the past few years, what are some of the biggest cyber-security threats / episodes seen globally?
One of the things that very clearly stand out in the past several years are threats in the form of distributed denial of service (DDoS), where web services are intentionally overwhelmed by traffic from many sources. It is a common method for digital assaults.
A recent episode you may recall is the Mirai botnet attack that affected large groups of users across Europe and the east coast of the US. Multiple DDoS attacks targeted systems operated by the DNS provider Dyn, which serves many customers across the globe. It lasted several hours through October 21, 2016, and took down a host of popular websites, essentially causing the internet to come to a screeching halt. Interestingly, one of the sources of the attack was IoT devices such as DVRs, digital cameras, etc. connected to the internet.
The thing to remember is that cyber attackers are looking for the fastest response and reaction to their message. Therefore, the hackers chiefly target institutions that have plenty to lose in terms of credibility, or events that are commanding global attention.
So, who exactly is a cyber attacker? And what are the motivations behind such attacks?
At Tata Communications, we've dealt with many customers who have experienced cyber-security issues affecting their businesses. Cyber attackers can be motivated by different reasons – in some cases it is because the attacker is against something on principle, or there is state-level rivalry or conflict. Interestingly, sometimes, this may be because of competitors in the business, especially in cases where the attacks are focused during prime operational hours, though getting to the root of this is close to impossible. For instance, in countries such as Taiwan and South Korea where gaming is popular, vigorous attacks often target the launch of new games. Sponsored by rival gamers, these attacks are meant to slow down the game's performance, stop progress of game levels and compromise on the user's experience.
Then again, we have seen cases where the social media handles of popular accounts are taken over, like the time when Mark Zuckerberg's Twitter, Pinterest and LinkedIn accounts were hacked. The hacker's idea here is to get immediate attention in a big way. Are they looking for the common man's email data or Twitter account? Not really. They're looking at high-profile accounts that establish visibility and presence.
So, cyber attackers and hackers can be commissioned to attack specific targets?
Definitely. Sponsored cases of DDoS attacks are quite common, as this service can be easily purchased online. What makes cyber security even more complex is that it is not always easy to pinpoint the origin of the attacks; botnet attacks in particular are characterized by the fact that they can originate from multiple countries.
Can you give us an idea of the financial impact of such attacks on businesses?
The impact of a DDoS attack isn't just financial, but also reputational. Companies not only face the threat of losses inflicted by operational downtime, but also of extortion from the more recent phenomenon of 'ransom attacks'. By exploiting vulnerabilities in unprotected networks and a range of connected devices, including smartphones and tablets, DDoS attackers are able to grow their botnets at an alarming rate. This increases the scale and power of an attack and reduces the likelihood of an effective counter attack from the victim's network.
However, at the same time, tracking such activity has also become far more advanced and there are several organisations that are solely focused on tracking such suspicious activity or data flow. Often, some attacks can be predicted beforehand because attackers exchange a few specific code words on a chat forum, which immediately alerts the security systems.
What are some of the new things we're seeing in the field of cyber security?
Lots of things are happening in the field currently. At Tata Communications, for example, we focus on new trends to understand the best ways we can prevent an attack before it debilitates a system. One way to stay ahead in the game is by anticipating an attack through constant monitoring and then dealing with it as it happens. This is known as scrubbing.
Scrubbing ensures the network layers act as the first line of defense, by monitoring and cleansing all incoming traffic in real-time. Clean traffic is then routed into the network, whereas any suspicious traffic is routed back to the source. It's an automated anti-DDoS attack system, for which we have many customers globally. Thus, legitimate traffic always gets through, while malicious traffic is mitigated at the source rather than near the target network, so it does not choke bandwidth. Tata Communications has 15 scrubbing centres across the globe.
We also actively study changes in data traffic and data patterns to understand global usage trends. This helps us detect unusual activity and allows us to forecast attacks. Within a few minutes of traffic patterns changing, we can block the traffic immediately.
Another key way to mitigate attacks is by understanding identity trends through machine-to-machine communication. Establishing identity and security codes here is very important. Analysing logs and data mining are some of the ways we can work towards creating safer communications between devices. Going forward we want to be able to find even more fool-proof ways of analysing data and patterns so that we can predict future attacks instead of just reacting to them after they occur.
How well protected is India's critical infrastructure – such as banks and hospitals – from large-scale cyber attacks?
Most companies and government agencies in India today employ fairly robust measures to counter cyber threats. It's fairly evident that security is no longer an afterthought; in fact, it's one of the first things institutions consider when setting up a new system. But then again, it's important to remember that any information out on the internet is vulnerable. It's a balance between how secure you are and how badly the hacker wants to break into it.
That said, weaknesses get created at different levels, too. We have to be vigilant constantly.
How far do you think Indian government agencies are equipped to deal with major security breaches?
I think the Indian government already has enough talent on board to tackle issues of cyber security at a senior and advanced level. The current level of awareness about potential security lapses and threats is high. Before any new programme is launched, utmost attention is given to how the information can be protected. Having said that, one must also remember that any control or security is only as good as its implementation. For keeping something operational 24x7, maintaining the highest level of control over the data protection system is crucial.
Which countries are leading in the area of cyber security? Could you give us a broad picture?
The US federal agency is one of the most advanced and active organisations in this area, and quite an overwhelming presence. In Europe, a new policy is in the offing – the General Data Protection Regulation (GDPR) – which establishes the very crucial issue of data residency. The primary goal of the GDPR is to give citizens and residents control of their personal data and make sure that sensitive data is not exported outside the EU. Several countries are trying to tackle the issue of data residency these days – and it all begins with classifying what data can and cannot be taken outside a country. For example, sensitive data such as citizens' bank details and other personal information must remain within a country, and policies like GDPR ensure that such information is not misused.
Just about everyone now is connected to the internet via a laptop or smartphone – what are the biggest threats we face as individual internet users?
First things first: We must decide whether some specific personal information needs to be shared at all. Individuals need to choose what to share and what not to. Social media has made it exceedingly easy for us to reveal personal data without realising how widely available this information becomes once it's out there. In addition, Indian users still need to cultivate some skepticism regarding the apps they install on their devices. Not all companies are technologically competent to ensure that the apps are safe and there is no worldwide mandate or organisation certifying apps currently. Similarly, we need to log on to trusted websites, which have SSL encryptions, etc.
From a personal standpoint, I would advise the following: Use trusted apps from trusted sources; delete apps that you don't use since malware these days can sit on your phone for very long before being activated; do not download stuff you don't need, and never open attachments from an unfamiliar source. It's also important to remember that almost 80% of breaches are from some known source or the other.
What are some of the threats in cyberspace that we can expect in the next 10 years? What kinds of steps are being taken at Tata Communications to address potential future attacks?
Data protection is going to be a major challenge in the future for all enterprises, particularly in terms of who owns the data and where it is stored. Plenty of efforts, for example, will go towards ensuring that data is restricted to the geography it originates from.
In terms of threat, data is the new currency. Compliance with global standards and requirements will be a big challenge. This will in turn lift the standards of data security worldwide.
Tata Communications is gradually establishing a global presence that provides customers advanced insights on cyber security threats. The finer nuances of such attacks are often best understood in terms of local geography. Thus, we're also looking to expand our technologies and intelligence across the world. Identity and access management and cloud security are some of the chief areas that will require even more attention in the future, and we're focusing considerably on that. It's pretty safe to say that in today's times, data security and protection is one of the fastest-growing businesses we have.