February 3, 2017
As our dependance on technology grows, so does the concern of keeping our data safe. With cybersecurity attacks on the rise, IEEE Senior Member Babak D. Beheshti, PhD, weighed in with his thoughts on the evolution of security concerns,offering his expert advice with security tips that can help to protect you and your data.
IEEE Transmitter: What are the biggest cybersecurity trends right now?
Beheshti: An increasing migration of services, data storage and operations to cloud-based platforms has now made them a prime target for cyber attacks. It is not only the cloud infrastructure that needs to be protected, but attackers also can target legitimate API, Application Program Interface, calls to the cloud. These calls can be multiplied in number to the point of saturating the cloud platform, hence accomplishing a successful DDoS attack.
As more and more devices become “web-enabled,” the Internet of Things (IoT) is providing an exponentially larger attack surface. Home automations, wearable devices, automotive connected devices, as well as remotely-accessible components within the critical infrastructure, provide for an abundance of opportunities for takeover of one single device to launch an attack on specific targets.
IEEE Transmitter: What security tips can you offer to ward against attacks?
Beheshti: 1. Avoid password reuse. Once a large data breach has been accomplished, the attackers use the discovered passwords on other well-subscribed web accounts, counting on individuals’ tendency to reuse the same password on multiple accounts. This will inevitably lead to an avalanche effect after a single data breach.
2. Be vigilant in firmware, software, and security patch updates. All devices connected to one’s network must run the latest and safest version of the software. The majority of attacks start with an exploit taking advantage of a known vulnerability for which an update has been released.
IEEE Transmitter: How are biometrics playing a role in combating technology?
Beheshti: Biometrics will have an increasingly significant role in cybersecurity. Close to a billion smart mobile devices will be equipped with an integrated fingerprint sensor in 2017. It is likely that fingerprint technology will be complemented –not replaced — with additional biometric sensors such as iris scanning. Practice of the principle of “depth-in-security,” i.e. use of multiple complementing techniques to authenticate a user, will be a focus for device manufacturers in the years to come. Software that implements facial recognition and or voice authentication should be added to devices.