The future belongs to information technologies that simultaneously provide proactive protection, backup, and data authenticity.
According to the FBI, since the pandemic has started, the number of cyberattacks per day on their division hit 4,000. Overall, last year was extraordinary in terms of cyberattacks against businesses and government agencies. The most notorious were the Twitter hack, EasyJet and Marriott data breaches, SolarWinds, VMWare, Microsoft, WHO, Zoom, and counting.
In fact, this has been happening for a long time. And this is just what we learn from newspapers and news resources – in reality, there are even more cyber attacks happening every day.
These examples clearly demonstrate two of the most relevant trends in the information technology world. First, the volume and scale of data are constantly growing. I am also talking about personal information – photos, videos, audio – and corporate and government data. The rate of this growth is enormous – at least 40% per year. At the same time, it is no secret that most of this information is stored in the cloud because it is accessible and efficient.
In general, the amount of information is growing, as is its circulation, and the more sources, the more potential holes and the more ways to hack, steal, and attack.
The very nature of cybercrime has also changed. Sophisticated and advanced cyber threats are emerging. For example, ransomware is a program that, once entered into the system, can block it in just a few minutes.
Furthermore, employees of companies and government agencies using personal mobile devices in their work - opens up additional opportunities for cybercriminals.
As a rule, ordinary employees do not have access to the most important data, or this access is possible strictly at work through a computer. Usually, some employees can’t access financial documents after 19:00. At the same time, leading managers are often forced to work 24/7, and thus they can’t be cut off. There can be from several dozen to several hundred such people in an organization. And they are all potential targets for hackers.
It is not difficult to imagine how such a crime is committed, we’ve seen it a lot in the movies: in the evening a person goes to a cafe, he starts a conversation with a stranger. It is enough to borrow a smartphone for a few minutes to get into the database. Naturally, the control system, no matter how smart it is, does not react to this in any way – this is an authorized entry of the owner, not a hack.
However, this method of penetration is already outdated. Phishing is the new social engineering. A person receives a letter that, at first glance, looks like an email from a colleague. Many people come across and open it: most often, it is ordinary spam, but with the same success, it can be ransomware, which in a matter of minutes paralyzes not only the carrier's computer but the entire system in which it is located.
Here is a real case – just a few years ago, hackers approximately blocked the information systems of several government services in Ohio at once. Among them was the 911 service - a very dangerous situation.
Is it realistic to fight this? It's complicated. Due to advanced cyber threats, traditional antiviruses are no longer effective: malware can slip between updates. Backups also do not always have time to save important data. This is why proactive defense is perhaps the most winning tactic.
One of the most promising technologies is blockchain. To put it quite simply, this is a technology for storing data, protected by unique mathematical rules so that no one can take possession of it, except for its owner. In addition, the blockchain solves another need – data reliability and immutability.
Until recently, it was impossible to be sure that the financial statements or the hospital's filing cabinet were not changed over time due to an oversight or due to a cyberattack. The blockchain allows you to make sure that the data is authentic and has not been changed.
We need a solution that combines all three functionalities – proactive information protection, data backup, and authenticity. In this trinity, I see the future.