Five Hi -Tech Ways To Fight Off Cyber Attackers

Uploaded on 2019-07-23 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

People today are increasingly reliant on smart-phones, smart speakers and other personal devices and most can't imagine going more than a few hours without using a computer, and some of them spend most of their work days sitting in front of one. 

This shift towards a tech-centric culture means people are at a much higher risk of cyber-attacks.But, researchers are hard at work figuring out how to reduce the likelihood of these attacks, and coming up with some futuristic ways to do so. 

Here are five examples.  

1. A high-tech computer chip that proactively prevents attacks
For now, a common way to safeguard against attacks is to make software patches and install them on users' computers as necessary. Similarly, virus and malware scanners detect suspicious files and keep them quarantined in dedicated folders on a hard drive. However, researchers at the University of Michigan think they've come up with a better way. It's a computer chip that encrypts and reshuffles its data and coding 20 times per second. As such, even if a hacker breaks into a computer, the information they need to exploit a vulnerability vanishes within milliseconds.

While using a prototype processor fitted with the chip, the people on the research team demonstrated how the tiny component successfully prevented every kind of control-flow hack, which is one of the most commonly used and dangerous attacks hackers carry out.

The rate at which the chip scrambles the data is the "churn," and it's possible to adjust its speed. Choosing a churn rate of every 50 milliseconds slowed the processor's performance by only about 1%, but the churn is several thousand times faster than what any electronic hacking tools accomplish.

2. Compressing network activity to give analysts more of the information they need
Speed is a crucial metric when devising new ways to fight cyber-attacks. That's due, in part, to the significant expense of data breaches. Research indicates malicious or criminal attacks leading to data breaches are the most-costly, resulting in an expense of $157 per user. So, the longer an attack goes undetected, the more expensive the catastrophe becomes.

Researchers working for the US Army believe they found a method that allows detecting harmful network activity sooner than previously used techniques permitted.  For example, distributed network intrusion detection tasks a small number of specialty analysts to monitor several networks simultaneously. Sensors on a protected system transmit data to analysis servers, which is a bandwidth-heavy process.

Most systems minimize the bandwidth used by only sending summaries of network traffic. But that means analysts only see snapshots and often spend too much time investigating false positives, or do not have enough details in context to notice genuine attacks.

The researchers hypothesised that malicious network activity manifests early. They developed a tool that stops network transmissions after a predefined number occurs. The next part of the investigation involves compressing traffic analysis to less than 10% of its original volume while sacrificing 1% or less of the cyber-security alerts.

3. Boosting the Cybersecurity of the Cloud with Blockchain Technology
A growing number of businesses are deciding it makes sense to increasingly rely on cloud technology to meet company needs. According to a 2017 poll, 95% of the 1,000 respondents said they were using the cloud. Cloud technology caters to enterprise-level requirements, but it's not without cyber-security risks.

Large-scale data breaches at companies like Equifax and Uber make company leaders more aware of the potential consequences associated with poor cyber-security. Even so, many business entities remain unprepared. A 2017 study polled thousands of international businesses and classified their cyber-security readiness level as novice, intermediate or advanced.
In all cases, at least 70% of the companies fell into the novice category. Due to the popularity of the cloud for businesses and the fact that many are so unprepared concerning cyber-security, some people are exploring specific ways to secure the cloud. 

The blockchain is one viable possibility for keeping valuable details, such as business intelligence information, safe from cyber-criminals. Most people know of blockchain technology associated with crypto-currencies. Information gets verified and permanently added to a digital ledger. As such, it's difficult to tamper with the content, especially since the blockchain gives visibility and transparency to all involved parties.

Experts insist that making the cloud more secure with the blockchain is not immediately feasible and that the blockchain is not the sole solution for cloud security, but researchers think it could help propel progress.

4. A human-machine technology to improve cyber-security accuracy
Many of today's cyber-security detection technologies can identify anomalies. When they detect activity that strays from the norm, the systems notify human technicians to take a closer look. A research team from MIT wondered if they might push cybersecurity forward by combining machine learning artificial intelligence (AI) with human intuition. Typically, platforms that use machine learning get smarter over time without input from people.

The MIT researchers combined human knowledge and smart computers in a platform called AI2 and tested it on 3.6 billion pieces of data. The results showed the system predicted cyber-security events with 85% accuracy, which was approximately three times better than earlier benchmarks. Moreover, AI2 reduced false positives by a factor of five.

The technology works by poring over the data and grouping it into clusters through an unsupervised learning process. The goal is for the technology to figure out which strange events are likely cyber-security attacks. However, the system doesn't stop there. Next, it provides the clustered data to human analysts. Those people then apply their knowledge and experience when checking the algorithm's findings.

The humans verify which events are genuine attacks, then give feedback used to make better models for the next set of data. Moreover, the existing models can get better from the updated data in a matter of hours. As such, there is a low to non-existent risk that scientists would rely on outdated algorithms for too long.

5. The first multi-entity detection and response platform
One of the challenging realities of cyber-security is that risks can come from multiple sources. For example, a person might unknowingly download an attachment contaminated with malware.  Or, an adversary could attack the entire network by focusing on a detected flaw. So, one practical cyber-security approach entails looking for numerous kinds of threats and safe-guarding against all of them as much as possible.

The four examples above all concern technologies in progress; this is a glimpse into the fruits of such research. A company called Mistnet recently launched a product called CyberMist. Advertised as the first multi-entity detection and response platform, this tool offers real-time prevention of threats and gives visibility associated with users, networks or hosts.
It combines edge computing and AI analytics to find threats in less than an hour. Continuously updated metrics on the product's homepage indicate CyberMist had a 99% reduction in false positives over the last 30 days.

Exciting things happening in the cybersecurity realm.

Even though many people feel unsettled when they think about how a cyber-attack could affect them, the fact that cyber-security professionals are exploring such promising ways of reducing or eliminating those incidents is hopeful. 

Cyber-security researchers know how crucial it is to keep threats at bay, and they aren't afraid of considering all possible options. As technologies improve, so should the choices for people who want to bring more high-tech applications to the cyber-security sector.

WEForum:

You Might Also Read:

How To Develop Secure Cybersecurity Practices:

 

 

« Air Travel Needs Stronger Cyber Security
Ten Reasons Why Senior Managers Need To Understand Cyber Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Pondurance

Pondurance

Pondurance is an IT Security and Compliance company providing services in Cyber Security, Continuity, Compliance and Threat Management.

SecureDevice

SecureDevice

SecureDevice is a Danish IT Security company.

Dispersive Networks

Dispersive Networks

Dispersive Virtual Network is a carrier-grade software-defined programmable network that is inspired by battlefield-proven wireless radio techniques.

CYBERSEC Forum

CYBERSEC Forum

CYBERSEC Forum is an annual European Public Policy Conference dedicated to strategic aspects of cybersecurity.

Golden Frog

Golden Frog

Golden Frog is a Virtual Private Network services provider offering secure encrypted access to the internet.

Tata Consultancy Services

Tata Consultancy Services

Tata Consultancy Services is a global leader in IT services, consulting & business solutions including cyber security.

AFNOR Group

AFNOR Group

AFNOR Group designs and deploys solutions based on voluntary standards around the world and provides services including training, professional and technical information, assessment and certification.

Rule4

Rule4

Rule4 is a global professional services firm that provides practical, real-world knowledge and solutions in areas including cybersecurity, AI, Machine Learning and industrial control systems.

TechStak

TechStak

TechStak is the easiest way for businesses to find and connect with IT Pros and other technology solution providers in their area.

National CyberWatch Center - USA

National CyberWatch Center - USA

National CyberWatch Center is a cybersecurity consortium working to advance cybersecurity education and strengthen the national workforce.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

Security Risk Management (SRM)

Security Risk Management (SRM)

SRM provide a comprehensive security risk management service encompassing people, processes, technology, governance, compliance and risk management.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.

WaveLink

WaveLink

WaveLink offers low risk, results-oriented Engineering Services and best-of-class Technical Support Services. Areas of expertise include cyber and security engineering.

Twilio

Twilio

Twilio are the customer layer for the internet, powering the most engaging interactions companies build for their customers. We provide simple tools that solve hard problems.

Apex iQ (ApexiQ)

Apex iQ (ApexiQ)

ApexiQ is a continuous asset assurance platform that empowers you with the confidence to make better data-driven decisions and take automated action to reduce your risk.