'Twitter phishing hack hits BBC', 'US links China to Google cyber attacks'-are some headlines that made waves and caused panic around the world in February, this year. In the twentieth century, news of murder, robbery and kidnapping were reported across all newspapers. In the twenty-first century, hacking, identity theft and cyber crimes seem to dominate the headlines. The growing dependence on gadgets and PCs is leaving people and nations vulnerable to cyber attacks. As the Internet becomes more integrated as part of our lives, the crimes committed on the net become more real, affecting lives in ways that were unimaginable previously. Today, cyber crimes have assumed a matter of immense importance at the individual, commercial and national level.
In India, media reports published in March 2010 mentioned the Indian government offices have reported a total of 177 incidents of cyber attacks in 2009, double that of 2008. M Veerappa Moily, union minister of law and justice, at a conference in February said that the IT industry's use can only be optimized when we have more pronounced cyber laws which are strictly enforced. It is not unusual now for criminals to spoof the name of the government to commit cyber crimes. One pertinent instance is a fraudulent website on Rashtriya Vigyan Kendra (www.rvk.net.in), which copied the National Science Center and Department of Science and Technology website and tried to lure people to send drafts for alleged vacancies for nearly 100 posts. Almost all governmental departments have classified, sensitive information passing through the Internet everyday, and they fall prey to hackers all the time. The regular anti-spyware available in the market is not sufficient to protect our national security or guard our personal data and identities. To protect networks today-given the sophistication of attackers-companies, carriers and governments need more sophisticated software and tools. Therefore, a pressing requirement is for a traffic intelligence software system that enables network managers and security analysts to see clearly the different kinds of traffic that is traversing their networks and powerful analytics to enable them to quickly detect attacks and act swiftly to mitigate them. Additionally, after the fact analysis is potentially necessary to set new IT policies and to provide details on specific attacks-be they internal or externally originated.
The web is a very intrinsic part of who we are and has become central in our daily lives because we conduct transactions and interactions over it. That leaves people as well as the networks (that carry traffic and content) vulnerable. Businesses use social networking websites like Twitter and Facebook to convey messages and build their brand awareness. Businesses that are solely Internet driven feel the need for a security solution that will not only protect their data but also their employees who log on to these websites. Yes, there are firewalls, passwords and anti-virus software; yet it is a well-known fact that professional hackers can get past these traditional anti-virus and security solutions. As a result, service providers regularly face DoS/DDoS (denial of service) and zero-day attacks for which signatures do not exist. These attacks paralyze the whole system severely impacting business and quality of service. If we are installing video intercoms on our front door to be able to see who comes calling, wouldn't we want to be able to monitor who accesses our personal information and who logs into our web accounts?
Real-time management of traffic in today's scenario is of utmost importance. Network managers need to be able to see clearly the entire breadth and composition of traffic traversing the network. Only then can these professionals analyze and manage Internet traffic, detect looming threats and take actions quickly to prevent them from turning into an emergency situation. Network managers need solutions that provide a holistic traffic visibility which is otherwise not possible with an appliance or stovepipe solution. They need a system that is able to solve complex, dynamic problems not seen or solved by existing silo based and signature based solutions.
IP based networks used by service providers and government organizations are among the most complicated to engineer and to manage. Protecting them requires an advanced, traffic intelligence system providing protection at all layers against malicious Internet traffic. At the same time, understanding this traffic affords the network and security analysts the ability to make more efficient use of the infrastructure. Thanks to the development in real-time traffic intelligence technology and new sophisticated mathematical algorithms that can make sense of these traffic patterns, large enterprises, carriers, and governments across the world are now employing these solutions with the help of a single flexible system.
Notwithstanding the technical solutions that are now becoming available, there is a strong need to implement stricter laws and to mitigate cyber crimes. Standing at the threshold of a technology driven future, what is needed is a real-time intelligence software for the Internet to combat cyber crime and manage large IP networks. This enables organizations to use minimum resources and response time spent on thwarting criminals on the net. This will give rise to an entirely new thought process about protecting our country's infrastructure and the way we conduct business in the cyber world. Let this be a call for action across all countries.
Yogi Mistry, Senior VP, Narus
vadmail@cybermedia.co.in