Some of the threats the government has to worry about fall squarely into the Not My Problem category. While North Korea firing missiles is certainly worrying, it isn’t a direct threat to the average person, and there’s nothing the average person can realistically do in response that wouldn’t somehow bizarrely complicate the matter.
However, when it comes to the leading online threats governments are worrying about, if the average person has a business or website, then the average person has to worry about them too because chances are, if they’re being aimed at governments, they’re being aimed at everyone else as well.
Here are a few developments governments are keeping an eye on, and you should too.
Increasingly brilliant DDoS attacks
Distributed denial of service or DDoS attacks are some of the most well-known attacks currently bounding around the internet. They are not some previously undiscovered cyber predator leaving everyone scratching their heads when they strike. DDoS attacks have had so much publicity over the last few years they’re practically a Kardashian. So why can’t they be stopped? Why are government websites and services still toppling in the face of these attacks? Since 2015 the list of governments and government services affected by high-profile DDoS attacks includes those in the United States, Canada, the United Kingdom, Russia, Ukraine, the Netherlands, Thailand, Brazil and Luxembourg. Spin the globe and point a finger, because that country was probably hit too.
Governments are being affected for the same reason everything from small businesses to major enterprises is buckling under the strain of these attacks as well: because DDoS attacks keep getting bigger and/or smarter and not enough websites and businesses are using the kind of leading DDoS protection that can keep pace or even get out ahead of attackers. Until granular traffic inspection and processing power that can handle itself in this era of the terabit attack are considered standard, and until a time to mitigation that comes in under 10 seconds is the only time to mitigation that’s acceptable, DDoS attacks will keep winning.
Increasingly encrypted traffic
Let’s make this clear off the hop: the recent increase in websites encrypting connections is, overall, a good thing for internet users and websites alike. It prevents man-in-the-middle or other eavesdropping attacks and can give websites a boost in search engine rankings thanks to Google’s preference for HTTPS.
However, with a rise in both legitimate and malicious traffic encryption, it’s becoming harder for the public sector to both identify and monitor threats. For government intelligence agencies this means difficulty tracking cyber threats as well as tracking the communications of terrorist groups and other potential security threats. The private sector may not have much to do with the war on terror, but encrypted cyberthreats are a huge problem that’s only going to grow. Gartner predicts that by 2020 a stunning 70% of malware will be hidden in encrypted traffic, and that 60% of corporate security teams will struggle to decrypt traffic efficiently.
Increasingly malicious malware
Speaking of malware. Whether it’s ransomware that can be automatically launched without requiring human assistance, North Korean-backed malware designed to steal sensitive information from industries like healthcare, telecommunications and critical infrastructure, or malware that is actually designed to kill by sabotaging safety systems intended to prevent fatal accidents, government agencies have good reason to be concerned about the increasing variety of malware and the increasingly dire consequences of it.
Organizations in the private sector are unfortunately in the same malware-fearing boat. The current malware landscape is one rife with chaos, and security operations centers are struggling to gain ground on these ever-increasing threats.
Getting ahead of the threats
In addition to the leading DDoS protection mentioned above, organizations can try to contend with these government-level threats by positioning cybersecurity measures at the edge of the network, where not only can security be more proactive but malicious or attack traffic can be handled before it ever reaches its target.
In order to deal with encrypted traffic, organizations need to look into technology that can decrypt each traffic packet, analyze the contents to scan for suspicious or malicious activity, then re-encrypt legitimate traffic to protect the connection. Handling sophisticated malware that evades signature-based detection will likely require machine learning. There’s no saying what getting a new NAFTA deal done is going to take but luckily, that’s solely a government problem.