
                                  The Current State of Cybersecurity

 

Cyber threats are among the biggest threats facing governments and corporate entities in business and operations in the public and private sectors. In May of 2017, a ransomware cyberattack compromised the security of approximately 300,000 computers, machines, and pieces of equipment around the globe. Reported disruptions include students in China being locked out of their computers and at risk of losing all their work. In Romania, workers at an auto manufacturing plant were sent home for the day because their network system had been compromised. The biggest disruption, perhaps, took place in the United Kingdom (UK), where the ransomware compromised the National Health Service (NHS) network systems operation involving doctors, staff and ambulatory services. An MSN.com article reveals how advanced cyber threats are. Specifically, a piece of malware called Wanna Decryptor was unleashed by an unknown entity or entities with the capability to lock up computers all over the world and then demand a ransom to unlock them. If the demand is not met, the victim or victims risk having their computers and the data in their network destroyed or erased (Griffin, 2017). A web article on The Verge detailed a sophisticated software exploit that was developed by the NSA, then stolen and unleashed on soft, civilian targets (Brandom, 2017). The recent incidents have made headlines in the countries affected by the malware, but in truth cyber threats do not always come on such a global scale. They can also occur on a smaller one; for example, local businesses and school districts can also be targets. It is my opinion and belief that the threat will continue to grow and become more advanced than ever.
The effect of viruses and malware, along with the many other exponential threats on the internet, can result in financial loss for a business, whether from losing work data for its customers or from the restoration and implementation of newer systems along with labor and services. The economic effects can be hard to shake off in some cases. Since 2000, there has been an increase in a new type of security solution known as a Managed Security Service Provider, or MSSP. To offset the cost of these advancing cyber threats, Gupta and Zhdanov, in their research on MSSPs, concluded that private firms, educational institutions and small companies could benefit from using an alternative form of security solution such as a Managed Security Service Provider (MSSP) (Gupta & Zhdanov, 2017).

According to MIS Quarterly, MSSPs are firms or private companies that are responsible for the security of the network systems of a specific group (Gupta & Zhdanov, 2017). In essence, this can be any business or entity that is capable of providing network security solutions to a group of businesses to combat cyber threats. A basic and effective MSSP protection plan should have contingency plans in place and customer data backed up in the cloud. Services such as advanced monitoring, encryption and intrusion prevention should also be in place, along with firewall and systems restoration. The research showed that there can be added benefits to joining an MSSP, some of which are:

  • Cost Saving

  • Adequate Staffing

  • Focused Skills Set

  • Objectivity

  • Independence

  • Liability Protection

  • Dedicated facilities

  • 24-hour, around-the-clock technical support

 

Cyber threats are an everyday reality and will continue to be in the future. They are something that we can say “comes with the turf” since the launch of the internet decades ago. Past and recent cyber threats have targeted our government, educational institutions, hospitals, private firms and small, medium and large companies. The ransomware attack in May infected some very complex network systems belonging to multinational corporations such as Maersk, Rosneft and Merck (Brandom, 2017). CNN reported that the Washington State Department of Health and Human Services (DHS) website was hacked and the perpetrator planted pro-ISIS propaganda (Andone, Shortell, Rehbein, 2017). Possibly the same hacker infiltrated Ohio state government, including the Department of Correction and Rehabilitation (Andone, Shortell, Rehbein, 2017). While there has been no major hacking incident of our financial institutions here in the U.S., the Bank of South Korea was not so lucky when its network system was compromised through its internal patching systems back in 2013 (Brandom, 2017). It is not hard to see that cybercriminals are targeting governments, schools and hospitals, businesses and corporations and other entities, and the statistics on their success have been in their favor. What if their next big successful target is an entity that deals in the everyday transaction of our private information and financial transactions? This can include sensitive information pertaining to our medical records, birth certificates and social security numbers. Because of the sensitivity of such data, we have to ask ourselves whether these institutions, or any businesses involved in handling our personal and confidential information, are equipped with the latest and best tools and technologies to deal with these advanced cyber threats.

Small companies, private firms and educational institutions are reviewing and revising their IT plans in light of what has been in the headlines in recent years. Past and recent coverage in the news and media outlets exposed the vulnerabilities of, and infiltration into, some of the world’s biggest corporations, including the governments of different nations. The threat will continue to rise, and every organization, whether it is a governmental agency, a publicly traded corporation or a healthcare or educational institution, must have a contingency plan in place, because it is not a matter of “if” but a matter of “when” the next big cyber threat strikes. According to a report, 87% of organizations participating in a research study encountered one security breach on average in a 12-month period (Forrester, 2015). The threats do not always come from the outside. They can come from within as well, as employees unintentionally access malicious websites and emails without knowing the harm they can cause. More advanced detection solutions and mitigation plans need to be in place to prevent these kinds of issues. In an article a few years ago, cybersecurity expert John Connolly weighed in on the recent trend in hacking. Connolly, who is Chief Technology Officer (CTO) for CHS School District 230, has been seeing more of what is called a denial-of-service attack, or DDoS. This new wave of cyber-attacks bottles up internet traffic and sends out too many external communication requests, slowing down the network. Consequently, teachers, staff and personnel are unable to access their emails (Remis, 2016). Many organizations nowadays are turning to third parties for their IT solutions because of rising costs, tedious recovery time and effort, and a staffing department that is usually overwhelmed and undersized.

Jim Peterson is the CTO Director at Bloomington School District 87 in Illinois. He is also the CTO for Illini-Cloud, a managed cloud network that is responsible for providing computing resources for about 500 school districts. He believes that in addition to a basic network systems protection protocol consisting of firewalls, heavy encryption and intrusion prevention systems, offensive measures should also be taken, including regular external security audits, penetration testing, disaster recovery tools and server replication with data backup and recovery (Remis, 2015). When it comes to cyber threats at the business level, machine shop owners have expressed their concerns, and they too are revising the IT plans for their companies. In an article from MMS published in Oct. 2016, Bill Bither, who is the owner of MachinesMetric, explains that the chance of machine shop networks getting hacked is quite rare because these cybercriminals have already targeted specific individuals or groups (Albert, 2016). He noted that people are under the misconception that hackers can access business network systems from the internet. “In truth, even the most basic network connected to the internet places a router in front of the internet connection, so any hacker from the outside would be unable to access the machines directly. However, this provision does not protect against vulnerabilities arising from unprotected software and sophisticated intrusions” (Albert, 2016).

Not everyone believes an MSSP is the right solution for everyone. There are concerns regarding the ownership and the accountability of the system. Should a hacking incident occur, and data become lost, erased or stolen, who would assume responsibility for the breach? Who will own up monetarily if that was what was at stake? How can clients of MSSP networks have assurance for Intellectual Property Rights (IPR) data? The second issue is trust. Business entities and private firms may have IPR data regarding their products, processes, suppliers and customers. This data can include trade secrets. Companies need to do everything they can to protect their data, making sure it does not fall into the wrong hands, such as those of a competitor. School districts are another target because they maintain records of employees and students. Most school districts do not give people access to this information, and when they do, it is with cause and only for a limited period. School districts would likewise have a trust issue when it comes to their employees’ and students’ private and confidential information. These are legitimate issues and concerns that definitely need to be addressed before deciding whether or not to join an MSSP.

The advantage that an MSSP network can offer to clients is not cost alone but also access to more resources and newer information that can improve their network systems and protect data and private information. The need for MSSPs is evident in the growth of the industry. Statistics and data have shown that from the year 2000 to 2010, the cost of MSSP services increased from 140 million to 2.3 billion in North America alone. It is almost equivalent in Europe at 2.5, and Asia has a 31% growth (Gupta & Zhdanov, 2012). Evidently, the trend will continue in the future because of the advancing nature and dynamic changes of cyber threats. In conclusion, though there are good reasons, viable concerns and issues when it comes to deciding whether or not to join an MSSP network as a solution to dealing with cyber threats, the benefits far outweigh the disadvantage of not using an MSSP service for smaller firms, school districts and private companies. They can reap the benefit of having valuable security resources, all while the cost of sharing, maintaining, updating and upgrading their network security systems would be less expensive.

 

There are ways we can gain a better advantage when dealing with cybercriminals and their unknown intentions and plans. One way is to employ “white hat hackers” to study the cybercriminals’ methods, patterns, targets and activities. We need to understand and be aware of what their weapons of choice are. I believe that if we do not take the necessary steps to regain control of our network security systems infrastructure as a whole, we can end up as the victims and losers in this war that we are waging against the cybercriminals. In today’s world, it can cost an arm and a leg for an individual firm, school district or private company to protect its network security system. This research proposes that an alternative solution, such as joining a Managed Security Service Provider, is something that all entities, public or private, should consider when implementing changes or revising their IT plans. We need more than just prevention and awareness programs, because when sophisticated attacks occur, recovering an individual entity’s or organization’s network systems can become a time-consuming effort and a costly issue, and can result in financial loss because it disrupts the organization’s operations, as in the incident with the National Health Service (NHS) in the UK. If small firms, educational institutions, and small companies can come together and pool their resources, then they can gain momentum in their favor and perhaps thwart these advancing cyber threats as a community and a team. That resource can be a decision to buy newer software with added features or to upgrade to newer systems. After all, it is their information and their data that is at stake here. Make no mistake: cybercriminals do not discriminate because of race, sex, gender or age, and anyone can become their target. We cannot do much about whom they choose as their target; however, it will be up to us to prevent ourselves from becoming their victims.

REFERENCE:

 

Albert, M. (2016, Oct.). Keeping a Shop Network Safe. Retrieved from http://www.mmsonline.com/articles/keeping-a-shop-network-safe

Fortinet (2016). Advance Threats Buyer’s Guide. Retrieved from https://i.crn.com/sites/default/files/ckfinderimages/userfiles/images/crn/custom/Fortinet_LC/ATP-Buyer-Guide-v5-final.pdf

Griffin, A. (2017, Dec.). NHS cyber attack: Ransomware used in huge hack is now spreading across the world. Retrieved from https://www.msn.com/en-gb/news/world/nhs-cyber-attack-ransomware-used-in-huge-hack-is-now-spreading-across-the-world/ar-BBB3ZSS

Gupta, A., Zhdanov, D. (2012, Dec.). Growth and Sustainability of Managed Security Services Networks: An Economic Perspective. MIS Quarterly Vol. 36 No. 4 pp. 1109-1130. Retrieved from http://eds.a.ebscohost.com/eds/detail/detail?vid=1&sid=7aba306a-3f4e-4658-a9ca-b71796933031%40sessionmgr4008&bdata=JkF1dGhUeXBlPXVybCxjb29raWUsaXAsdWlkJnNpdGU9ZWRzLWxpdmU%3d#AN=83465896&db=iih

Remis, K.K. (2015, April). Defending Data Security. Retrieved from www.districtadministration.com

Brandom, R. (2017, June). The global ransomware attack weaponized software updates. Retrieved from https://www.theverge.com/2017/6/27/15883110/petya-notpetya-ransomware-software-update-wannacry-exploit
