Cyber Security News Update 12/8/2017

Industrial sabotage, usually in the form of cyber attacks has become commonplace in the news. Years ago it’d be unusual to see a major company report that it had even been attacked, let alone suffer a data breach. Now it happens constantly, it’d beyond unusual for a company NOT to he been attacked some time during the week. Cyber attacks are expected to increase in frequency until companies find themselves under attack constantly. This is all bad news for India, which China’s Advanced Persistent Threat (APT) groups have set their sights on. These APT groups are set to descend on any states or other players that might negatively influence China’s position in the global markets, which includes places like Hong Kong as well. This is troubling because at a country level cyber security standards tend to lag and it’s been noted as an issue for India in particular. This trend of government backed hacking groups is nothing new, though they’re now showing up in countries that wouldn’t typically field them, such as Iran with APT33. Russia’s APT28 is another well known group, and of course some might argue that the United State’s NSA falls under the APT classification. Cyber warfare has become increasingly prevalent in modern times and corporations need to be prepared to respond to it. It’s not enough for your systems to be password protected, they need to be encrypted and require multiple forms of verification. Social Engineering attacks are still viable, any corporation should have protocols in place to ensure that someone with a phone can’t talk their way past their security measures.
Source: Chinese Hacker Groups To Shift Focus To India In 2018: Cyber Security Firm

China isn’t just looking to influence the cyber world internationally, it’s looking to revamp the cyber security laws within its borders as well. US lawmakers and companies have become increasingly concerned with the direction these laws are taking, in that they require companies to provide all their data and traffic to the Chinese government. This means that if a firm develops a part for a next generation aircraft in an office in Beijing, then the Chinese government gets to see the file. If a confidential or classified email gets sent to or from an office within China, that email gets reviewed. This of course scares away companies who’d rather keep what they’re working on a secret. This also applies to companies that store personal data and operate internationally, they’d have to share their data with the Chinese government too. Some companies have already buckled to pressure from the Chinese government, like Apple who’s decided to stop allowing Virtual Private Network applications to be available on the Apple store. These applications allow users to circumvent the restrictions placed on what people can see inside China and also allows them communicate without fear of everything they say being recorded by the Chinese Government.
Source: U.S. Tech Firms Spooked by China’s Arcane Cybersecurity Law

With the ever present risk of attack and the increasing frequency of them it’s no surprise that companies are turning to AI research for an answer. The increase in cyber attacks is also linked to AI’s being used to create the attacks and modify them on the fly, computers are simply better at writing code then humans. As silly as it sounds now, in the future companies may really have need for Deckers who attack their opponents networks directly. In the meantime AI’s can be used to verify the integrity of a network’s security and may replace White Hat hackers entirely.
Source: 3 advanced prevention technologies expected to grow in 2018