Cybersecurity 04-21-2022

Cybersecurity Déjà Vu

Srinivas Kumar

In 1996, the invention of cryptovirology paved the way for modern-day ransomware. Major cyberattacks were reportedly staged that year against the U.S. Department of Justice, the U.S. Air Force, the CIA and the U.S. Department of Defense.

Over two decades later, we are again facing high-profile and publicized cyberattacks on mission-critical infrastructure assets, not to mention the thousands of unreported ransomware attacks each day across the globe, which are staggering and alarming. The investments and collective will that government bureaucrats and corporate boardrooms have brought to fostering transformative technology innovations in cyber defense have not been enough.

The evolution of cybersecurity

In the early, formative days of the internet, network and endpoint security was a matter of monitoring the systems that were our livelihood (i.e., enterprise desktops and servers, and personal computers). It was driven by compliance and security standards for data privacy and protection. Later, a mobile workforce and the bring-your-own-device paradigm demanded remote access over virtual private networks and network admission controls, respectively.

In the Internet of Things (IoT) era, devices proliferated and came to outnumber interactive users in the cloud-based services economy. Today, artificial intelligence (AI) and machine learning (ML) are on course to shift the dynamics of next-generation safety and security of connected things, integrated with device hardening for cyber resilience and operational efficiencies.

In coming years, the digital revolution witnessed in the cloud over the past decades will have to confront the drive towards end-to-end digital transformation. Continued tribal thinking and short-term objectives in cybersecurity will be catastrophic in the age of sophisticated cyberwars staged by nation state actors and a cybercrime syndicate that operates with impunity across the globe.

A pandemic just brought the world to an unforeseen standstill for over a year. A crippling cyberwar can inflict a lot more damage on our instrumented way of life. A week without water, electricity, medical services, public transportation or internet access will pale in comparison to weeks, and perhaps months, of crippling outages while ransom is negotiated and compromised infrastructure is inspected and restored. The cyberattack surface and exposures in this dangerous game of asymmetric warfare are significant and scary.

Choices and consequences

Where do we begin course correction and where will it lead us? Whether you believe climate change is caused by human activities or by the intricate laws of nature, cyberspace is a human innovation without the wisdom of a supernatural force. Replacing humans with machines was the theme of the industrial revolution. Replacing natural intelligence with machine intelligence is the emerging cyber revolution. It behooves the scientific and political pundits to ponder on strategic direction and undesirable consequences. Every wave that changes our lives and livelihoods demands education and retraining to survive in the wilderness — whether in a jungle, city, suburb or on the internet. Cyberspace is a greenfield and a minefield.

The genesis of transforming cyberspace into a safe space will require no-nonsense international standards and regulations for safety and security of all connected things. If wearing masks is annoying during a global pandemic as a preventative measure to stop the spread, immunization is the protection to restore normalcy. Similarly, in the emerging information and operational technology convergence space of cyber-physical systems, detection and prevention are equivalent to masks, and device protection is the immunization countermeasure for cyber resilience.

The quest for cyber immunity

It is time to immunize devices and not perpetually deploy additional masks in the network wiring closet. A strategy built on detection and prevention tools and methods that hackers are well versed in, a volume of events with low signal-to-noise ratio, and costly post-breach forensics to generate threat intelligence is not sustainable. Detection methods based on deductive, inductive or abductive reasoning, Bayesian (statistical) logic or Markovian (stochastic) models are inadequate against the sophisticated tools and methods in the arsenal of nation-state adversaries.

Security professionals have diligently responded to threats with anti-virus, intrusion detection, malware detection, anomaly and behavior detection, and event and log correlation to guard the fortress from external attackers. However, adversaries are always two steps ahead and hold the first-strike advantage. When hackers encounter obstacles, they innovate.

Today, the global supply chain poses grave risks with blind spots at the component level and blind trust in data. The dichotomy between information technology and operational technology system administration, provisioning, operations, and maintenance requires fostering skill sets in the workforce. The global and fragmented market with export and import controls poses further challenges in a world economy without international treaties on cybersecurity to deter cyber criminals.

The secure-by-design approach

This is a call to action for original equipment manufacturers to rise to the occasion with security by design to empower AI engineering at the edge and in the cloud. It is the defining moment and about time for the board of directors and C-level executives in global corporations to look beyond quarterly profit and loss charts and focus on intrinsic value creation to protect the infrastructure elements and generate economic opportunities.

The emerging innovations in digital transformation, artificial intelligence, deep/machine learning, zero trust networking models and digital twins rely on foundational safety and security in devices. The high road to authoritative device identification with digital identities for secure onboarding, mutual authentication between peers using trusted digital certificates, attestation of platform trust, and supply chain tamper resistance is clear and imminent.
