The recent Petya ransomware attack, which centered on Ukraine, has highlighted the growing global cyber threat. Swiss scientists have developed new defences to protect both businesses and individuals from attack.
A big part of the problem is that the internet was designed decades ago when the most powerful super-computer had less oomph than today’s smartphone, a cyber risks summit at Zurich’s Federal Institute of Technology (ETHZ) heard.
Imagine walking home at night with no choice of the route you take. You could be sent along a well-lit, guarded road or a back alley frequented by muggers. The random nature of routing data through cyberspace makes it vulnerable to theft, hijacking or manipulation, argues Adrian Perrig, head of ETHZ’s Network Security Group.
He has worked out a means of tearing down the obsolete architecture of delivering data and replacing it with an armour-plated version. This goes by the name of ‘Scalability, Control and Isolation on Next-Generation Networks’ – or SCION for short.
SCION creates protected, autonomous bubbles that only connect with other trusted bubbles. The controllers of these secure spaces can choose which routes their data takes when moving it from A to B. Perrig has persuaded Swiss state telecoms provider Swisscom and the foundation Switch, which registers .ch domain names, to give their backing to the open source system.
“No other architecture has been designed specifically for security,” he said at the cyber risks summit on Monday. Perrig estimates that Switzerland could completely adapt to the SCION system with an outlay of CHF25 million ($26 million). Several companies have expressed an interest in using SCION, including a Swiss bank.
SCION provides protection against data hijacking and Distributed Denial of Service (DDoS) attacks but not ransomware such as Petya or WannaCry.
Other ETHZ researchers claim to have found a more efficient method of identifying cyberattacks before they can cause real damage. They joined forces with the Swiss army’s procurement and technology department, armasuisse, after defence contractor RUAG was hacked by Advanced Persistent Threat (APT) malware.
The bug stole around 23 gigabytes of data between 2014 and 2016 before being discovered. ETHZ and armasuisse have developed an APT early warning system that identifies differences in the way the bug communicates compared to normal web browsing activities.
The first task was to build a more complete fingerprint of normal website browsing chatter. In trials, researchers then had a 99.5% success rate at distinguishing unusual malware signals. They also claim that the system, which will be taken to the market by ETHZ spin-off company Exeon Analyticsexternal link, can identify malware within minutes of infection.
The system can also quickly detect ransomware attacks, but lead ETHZ researcher Laurent Vanbever said that would not be enough to prevent damage if malware starts encrypting data immediately after infection. While swift detection is a crucial factor in defending against cyberattacks, Vanbever’s system does not switch off the malware.
“The best protection against ransomware is to stop the malware getting into the computer,” he told swissinfo.ch. “People need to constantly keep their systems updated [with patches].”
The Summit on Cyber Risks at ETHZ heard that computer hackers who steal personal data and empty bank accounts can also pose a serious threat to health. A hacker could, for example, fatally tamper with a heart pacemaker or compromise the autopilot function in a driverless car.
In the not too distant future, when household appliances are digitally connected, it could be possible to mischievously turn off a fridge, change the air conditioning temperature or switch off light in any household.
It is already possible to spoof GPS systems to tell users that they are somewhere other than their current location. Car thieves can also hack electronic locking devices to steal cars or gain entry to buildings.
In the order of three billion passwords have been stolen over the last nine years, the summit heard.
Some 88% of Swiss firms recently told a recent KPMG survey they had been hit by cyber attacks.
Defences against cyber attacks around the world are stretched. Typically, more sophisticated encryption techniques (including biometrics) and software patches are employed. More recently, artificially intelligent machines have been programmed to learn patterns of behaviour and spot anomalies.
“This flaw can be exploited infinitely,” said Úlfar Erlingsson, head of security research at Google. “Millions of people can be affected [by cyberattacks] within hours.”