The Evolution of Cybersecurity: Part 2
Written by: Lindsay McKay
If you have not read Part 1 of this series, give it a read to learn about the first hackers, the ARPANET, the first computer worm, the anti-virus boom, and cybersecurity starting to get recognized and the rise of cybersecurity courses. In Part 2, we will be continuing our discussion on cybersecurity getting recognized by different governments, discussing different cybersecurity technologies, the rise of connected devices, and cyber-attacks on automobiles.
The United States government recognized the need for cybersecurity defence in 2001 when the newly founded Homeland Security established the National Cyber Security Division, the United States government's first official task force dedicated to cybersecurity. In Canada, it was not until 2010 that the Canadian government developed its first cybersecurity strategy under Public Safety Canada. In 2018 both the US and Canadian governments founded new cybersecurity divisions. The Cybersecurity and Infrastructure Security Agency (CISA) is a standalone United States federal agency, an operational component under the Department of Homeland Security. While in Canada, the Canadian Centre for Cyber Security (CCCS) was developed. The CCCS consolidated the existing operational cyber-security units of several federal government organizations, including Public Safety Canada's Canadian Cyber Incident Response Centre, Shared Services Canada's Security Operations Centre, and the CSE's Information Technology Security branch.
Many cybersecurity technologies have been created to help protect the everyday user, their passwords, purchases, identities, and communications. Two of the earliest ones that we still use today are two-factor authentication and firewalls.
First made official in 1986 with a key fob, two-factor authentication (2FA) is a way to provide evidence in two different ways of who you are. It became available on the internet for the general population in 2010 when Google introduced it to its users after the Chinese government was targeting email accounts looking for human rights activists. For most people, their 2FA includes their login information, a knowledge factor and then either a possession factor or an inherence factor. A possession factor is something the user has, such as an ID card, a security token, a cellphone, a mobile device or a smartphone app. An inherence factor is usually biometric such as a fingerprint or face/voice recognition. Some companies talk of using 3FA, the third evidence could be a location factor or a time factor.
Network Security: Firewalls
Network security is a subset of cybersecurity that focuses on protecting the data flowing over the network against viruses and worms. While cybersecurity ensures to protect all digital data, network security ensures to protect the transit data only. Cybersecurity professionals handle network security for large organizations, making sure they obtain and deploy the best firewalls, vulnerability scanners, malware detection software and others measures to harden the network’s defences. The first firewall was developed in the 1980s, operating mainly on the first four layers of the Open Systems Interconnection (OSI). In 1993, application-level firewalls leaped forward, and the first open-source firewall was released. New generations of firewalls are being developed all the time. Join the industry of network security with Network+ training courses to learn about emerging technologies and the best way to managed networks for organizations.
The Rise of Connected Devices
As of 2020, it is estimated that there are roughly 6.8 internet-connected devices per person around the globe. Each device has its data, security networks, and vulnerabilities. With each year, this number will grow more and more as more smart devices are incorporated into people's lives. A connected device or Internet of Things (IoT) is any physical device that is connected to the internet that wouldn’t normally be expected to have an internet connection, collecting and sharing data. But how did this start? Earlier than you may think. The idea of adding sensors and intelligence to basic objects was discussed throughout the 1980s and 90s, one of the early projects was an internet-connected vending machine at Carnegie University. During this time, processors were too cheap and chips too big to allow objects to communicate effectively. The first IoT device is said to be a toaster that automatically lowered that bread into the toaster using a big, clunky computer connected by TCP/IP protocol; this was the first ‘thing' of the internet and was introduced at an exhibition show in 1990. In 1999, Kevin Ashton coined the term “Internet of Things” it took at least another decade for the technology to catch up to what he envisioned.
Today we have smart kitchens, doorbells, lighting, Google Home and Amazon Echo, locks, medical sensors, Amazon grocery stores that automatically charge your items to your account, security cameras, and so much the list could go on and on. All the companies that provide these devices and collect all the data must employ cybersecurity professionals with Security+ training to ensure the best security strategies are employed to mitigate and prevent attacks. A strong cybersecurity team is also typically rounded out by professionals who have A+ training or CySA+ training, so there are lots of opportunities to be had.
From Computers to Vehicles
Unless you are driving a smart car, you may not realize your vehicle is practically a rolling laptop with a wide array of vehicle control systems controlled by sophisticated onboard computers. Do you have a touchscreen in your vehicle? Then your vehicle is also wi-fi and Bluetooth capable and connected to cell networks. In 2015, we got a glimpse of what is it at stake when a team of security researchers remotely hacked into a Jeep Cherokee and were able to steer the wheel, briefly disable the breaks, and shut off the engine. The white-hat hackers (research team) are working with automakers to patch these vulnerabilities.
The evolution of cybersecurity is fascinating, become part of the future through taking cybersecurity courses to start your journey in cybersecurity.
Read our previous blog: The Evolution of Cybersecurity: Part 1