In modern conditions, this is no less important than the rules of personal hygiene or road traffic
With the rapid growth of the digital economy in the world, the volume of cybercrime is increasing.
"If we look at digital fraud as an individual country, with $6 trillion in damage in 2021, it would be the third most powerful economy in the world after the United States and China," as Cybersecurity Ventures said in a report. By 2025, cybercrime will cost the global economy up to $10.5 trillion annually. Back in 2015, this amount was estimated at $3 trillion – that is, in 10 years, the threat has grown 3.5 times.
For Ukraine, the problem of digital security has more than just a monetary dimension - from the very beginning, Russian armed aggression has also been conducted in cyberspace. Therefore, it is important for us to understand the trends and challenges for cyber security in the new year.
The zero-trust model is the new normal
"Never trust, always verify"
is a key principle of the Zero Trust architecture, which has gained popularity since the start of the pandemic and as companies move to hybrid clouds for remote work. A clear explanation of this approach is given by Jeff Krum from IBM: if we want to protect the house from thieves, we install reliable locks, alarms, and surveillance cameras outside our home. But what if the attacker is already inside the house? Such actions will not help.
The zero-trust model is taken as an axiom of the fact that every user in the system is considered a threat, requiring constant verification and confirmation of necessary access. In practice, we see this in the increasingly frequent use of multi-factor authentication on various services, when, besides passwords, we are asked for additional confirmation (code from SMS, email, etc.). It is this concept that will become the only acceptable one for organizations seeking to protect their data and exist securely in the digital environment.
Augmented reality (AR or MR) - this term, according to The Economist, was on the list of trending concepts that should be understood in 2023. The essence of augmented reality is that it allows real and virtual objects to interact with each other. For example, you can play table tennis where the rackets are real and the ball is computer generated.
This technology is part of the metaverse concept, which involves the creation of many virtual worlds within which users will interact with each other with the help of digital avatars. Gartner analysts predict that by 2026, 25% of people will spend at least an hour a day in the metaverse for work, shopping, learning, social networking, or entertainment. As for large companies, it is expected that by 2027, 40% of them will use their digital twins to increase profits with the help of projects based on the metaverse.
Augmented reality is also called hybrid reality. The merging of the real and virtual worlds creates unknown hybrid threats to user security, who find themselves in new and as yet poorly regulated environments.
"Internet of things" as a vulnerable link for attacks
A refrigerator that automatically orders products as soon as they run out; a coffee machine that turns on when your alarm goes off; a glucometer that constantly monitors sugar levels and sends notifications to a smartphone - all these smart devices are the basis of the Internet of Things (IoT). This concept involves connecting any device to the Internet and exchanging data with other devices.
Everything around us, in fact, becomes a computer: from an iron to a car. And every computer, as you know, can be hacked. Therefore, in addition to convenience, this technology carries risks: cybercriminals are learning new ways to commit attack with such gadgets.
Changing the usual technologies: eSIM, access keys instead of passwords
SIM cards as physical objects, which have been used since the beginning of mobile communication, may very soon disappear into oblivion. Instead of a physical chip, so-called eSIM technology offers a digital code that can be transferred from an old phone to a new one. The technology became available as early as 2017, but Apple's decision to release the iPhone 14 in the US without a physical SIM card slot will force millions of people to start using eSIMs in 2023. This will make it easier to have multiple profiles with numbers from different carriers at the same time, and also eliminate the risk of physical loss or theft of the SIM card.
Another trend this year may be access keys (passkeys) instead of passwords. More and more services will switch to this technology. How does this work in practice? To log in to a certain application or website, instead of entering a password, you use a token (key) stored on your phone or computer and protected by fingerprint or facial recognition.