Cyber security: Identifying threats and fortifying networks in developing countries

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.businessinsider.in/Cyber-security-Identifying-threats-and-fortifying-networks-in-developing-countries/articleshow/49906288.cms

Threat of attacks on the cyberspace cannot be fathomed without accepting
the fact that the internet, by definition, is an entity without any
borders. What this implies is that cyberspace of a particular country or
region cannot be excluded from the global network, which affects the latter
and vice-versa.

Cyberspace's growth directly proportional to cyber crime

Expansion of the cyberspace, globally, has been exponential which, in turn,
has raised questions about how secure this international network is.
However, it is this ability of the internet to grow and expand that also
makes it one of the most important inventions of the last century. So, in a
way, this openness is a double-edged sword. What makes the internet
brilliant is also what causes online espionage, web terrorism, cyber
warfare and cyber crime. In developing nations and emerging markets, the
onus for security might even be greater as these are regions where the
number of internet users is rapidly increasing along with those who are
using smartphones and mobile devices.

Rapid increase of Internet users in India

In India, about 18 percent out of the 1.3 billion people are said to have
internet access. While this might seem low when placed against US's 87.4%,
but since India has a huge population, this percentage accounts for roughly
354 million people. Interestingly, only 3.95% of the total population had
internet access in 2007. This drastic rise over an eight-year period can
largely be attributed to the expansion of the smartphone industry in India.
Through mobile devices, around 159 million Indians browse the web.

One of the core concerns of cyber security in India is the vulnerability of
information when it is accessed through mobile devices. Limiting internet
access to these devices is not a solution since this rapidly expanding
web-savvy populace is also dependent on 'connectivity' for social and
economic reasons. Developing nations, where 'growth' is the omnipresent
mantra, cannot afford to curb it in the name of 'security'. The only
solution is identifying the threats and fortifying the network using
technology.

Cyber attacks against developing countries

Speaking of threats, Indian cyberspace, which recently saw cyber breaches,
surged by a record 117%, did not enjoy a safe season in 2013-2014, when
attacks peaked. That time period saw a 136% increase in cyber offenses
against Government of India organizations and a 126% rise in offensives
against financial institutions. According to a Norton report, offensive
cyber acts such as spear-phishing and ransomware cost Indian people and
companies around $4 billion.

Another developing country, Brazil, which is also one of the BRICS nations
along with India, also had its share of cyber attacks. Interestingly, one
of the biggest threats came from the NSA in the US. The American agency was
accused of monitoring networks, emails and telephonic conversations of
people involved with Petrobras, a Brazilian semi-government, semi-private
energy corporation so that American rival companies had access to
information regarding the specifics of the Brazilian company's plans for
expansion and/or future tenders.

The BRICS solution

Following such cyber threats, Brazil, as part of the BRICS collective, is
trying to bypass US-based web services. Like most other Latin American
nations, Brazil routes its internet traffic through Miami-based Network
Access Point. This makes it very difficult for the country to keep its
digital information safe from American agencies. The solution in this case
is the BRICS cable, a 34,000 km long telecommunications cable connecting
access points in Brazil, South Africa, India, China and ending in Russia.
Not only will this bolster the internet security of developing nations like
India, Brazil, South Africa and China, but it will also save them the huge
costs of using hubs based in Europe and US.

Cyber warfare is real

One of the core challenges of cyber security with respect to developing
nations lies in identifying foreign nation state aggressors that perpetuate
such attacks. Stuxnet, a virus that disrupted Iran's nuclear capabilities,
was a joint US-Israel project. The NSA has also been accused of hacking
into Chinese Telecom giant Huawei believing that doing so would reveal
details of the Chinese military. China, on the other hand, has been accused
of hacking into emails of Indian academicians who were known to be
pro-Tibet. Indian security agencies also claim the foreign agents also
accessed information related to Indo-Tibetan Border Police (ITBP),
something that only China would be interested in.

All of these point to one fact - cyber warfare is here to stay. The global
concerns related to cyber security, especially from the point of view of
developing countries, need to be addressed immediately. Countries like
India and China can also greatly benefit when these concerns are addressed
as the solutions will definitely involved technical expertise and tools,
something which these countries have in abundance.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!