Despite significant time and resources expended, cybersecurity remains a top concern for information technology professionals. A number of serious data breaches in 2014 demonstrated that major corporations — and even governments — are not prepared for the constant onslaught of attempts to thwart digital defenses.
Hackers last year stole massive numbers of records from large companies, including 152 million from software maker Adobe, 76 million from financial services firm JPMorgan Chase, 70 million from Target and 56 million from Home Depot. Those breaches paled in comparison to the damage done to Sony Entertainment by a highly publicized hacking incident that the U.S. government officially blamed on North Korea. The economic damage may reach $100 million, according to CNBC, including replacement of computer equipment, lost productivity and measures to stop future attacks.
The Sony incident may have bigger implications in the cybersecurity world, as U.S. officials evaluate when and to what extent the government should aid private companies in protecting data and networks, according to Businessweek. In a 2013 Senate hearing, top intelligence personnel warned that digital spying and cybersecurity attacks have surpassed terrorism as a threat to national security, according to the University of Maryland University College.
Why are systems so vulnerable?
In spite of all the resources devoted to cybersecurity in the United States, networks and data remain at risk due to a number of vulnerabilities, experts say. Weaknesses in a system, combined with the ever-improving abilities of hackers to exploit the weaknesses, lead to breaches.
Hackers use various exploits to launch a variety of attacks. One of the best-known is a denial-of-service attack, in which websites or entire networks are taken out of service. Worms and trojans that make individuals users' computers unwittingly join a large army of "zombie computers" are an example.
In an indirect attack, a third-party computer uses another computer to initiate an attack, making the source tough to track. In direct-access attacks, an unauthorized user may access a computer and take actions — such as installing certain software like keyloggers and software worms — that compromise the machine and its network.
Change needed in digital infrastructures
Cybersecurity is a global problem, since experts say most countries — including the United States — have digital infrastructures that are not secure. In addition, approximately 85 percent of the U.S. digital infrastructure is owned and run by the private sector, making the commitment of the U.S. government to protecting private companies even more critical.
Solutions include threat prevention, detection, response
Today's cybersecurity efforts involve mostly preventive measures such as firewalls intended to block hostile traffic on a network. Experts posit that the ideal security setup would involve three components: preventing threats, detecting threats and responding to threats. Implementing all three components involves controls like cryptography to protect data and system files, sophisticated systems for detecting intrusion attempts and providing information trails after the fact, and response systems such as notifying legal authorities of intrusions promptly.
A 2010 study noted that for the first time, economic losses to companies are higher in the cybersecurity realm than from traditional theft, according to Reuters. In 2015, experts advise that corporations should be implementing technologies and policies to allow immediate detection of breaches so that damage can be mitigated.