Anticipating what society will look like after the lockdown is no easy task. That being said, given the lightning speed of technological development, it doesn’t take a visionary to foresee the next challenges facing us in the world of cybersecurity in the short and medium term.
Has there actually been a change? Or are we just using the usual applications more?
The answer is unambiguous: yes, there is a change and a very significant one.
As people who take the lead from science, we can back up our predictions with detailed facts, using the data we have about the type of traffic that has moved through the Internet, as well as the services behind that traffic. The following table of data illustrates very clearly what is happening.
Internet traffic grew by 40% worldwide, but if we look a little closer, we see that the upstream traffic grew by 121%. This is clearly a new situation at technological level: we have gone from being receivers of data, to sending data massively.
A Breeding Ground for Hackers
It doesn’t take a genius to understand this development. Applications for telepresence, teleworking, virtual classrooms or simply talking to our loved ones are those most used these days and therefore we generate videos, sound and even data that we upload or exchange with others. All this brings about a complete paradigm change to the design of home networks, narrowing the gap between uploading and downloading data.
But there is also a very important factor behind this change: the traffic handled by these telepresence applications is UDP traffic. We probably need to explain to anyone not well read up on network technology that UDP traffic is a protocol focusing on speed, not quality, and therefore very far from the concepts of network security, a breeding ground for hackers.
As expected, most of the attacks carried out during March 2020 used the UDP traffic protocol (71%), camouflaged within the avalanche generated by the lockdown and use of telepresence applications. This poses a huge challenge for businesses as it is not easy to distinguish between trusted traffic and malicious traffic in the UDP protocol.
You can see the next question coming.
Can’t we just distinguish between “good” traffic and “bad” traffic?
Unfortunately not, the next challenge is inherent in the telepresence application. Digital identification has gone from being an option to being a necessity. The following image shows why.
The sector most affected by the lockdown is the labor market and we can see one of its direct effects in the above image (trend according to Google Trend on the word “SEPE”, i.e. Servicio Público de Empleo Estatal – State Public Employment Service): a surge in requests for various types of official formalities. With the lockdown measures applied, all the formalities had to be done through the Internet, so the question is obvious: how can we identify ourselves on the Internet?
Unfortunately, in Spain, the electronic ID is simply an option, far from being commonly applied, and the same is true of the digital certificate or any other system, so for the time being more rudimentary procedures have been used.
From a technological point of view, architectures like Blockchain (designed for this type of situation) have not yet arrived, so in the short and medium term the first step is to mitigate, that is, to filter the reliable users from those who have darker intentions, which 75% of the time are bots.
Nearly 30% of the Internet is malicious bots, that is, a third of the traffic that reaches public services is junk; it simply wastes resources or tries to find weaknesses in the system to gain some kind of advantage.
In the case of public administration and socially sensitive issues such as the aid provided by the Spanish state to its citizens, ensuring digital identity is a pressing need. It is not only a question of technology or security on the net, it is the new scenario that is being written, a world where the “face to face” is going to be replaced by telepresence. We did not foresee this scenario and, only logically, we are arriving late at the table, but it is a challenge we can take up by using the different technological and organizational solutions that we already have at hand.
Note: A version of this article originally appeared in ISMS Forum.