The move to True Random Encryption and Micro-segmentation
There are trends in the business and technology of cyber defense that must change, or cyber-attacks are going to get a lot worse and fast. There is a simple fact about hacking. If you can see it and determine what it is doing you can hack it. Legacy cyber defense approaches are reaching their limit and new technologies cybersecurity must move forward to minimally reach parity with cyber-attack technologies. A non-deterministic cyber defense technologies can achieve and exceed this parity. See pdf for details.
Legacy approaches in Cybersecurity Intrusion Protection Systems
Both Cybersecurity Intrusion Protection Systems (IPS) and Intrusion Detection Systems (IDS) share the same problem when it comes to securing and determining a cyber-attack. They in most part use software or deterministic static mathematical algorithms that can both be hacked. Software can be exploited to access digital systems and processes while static mathematical algorithms with a beginning and end can be defined by file size and cracked by super and soon to come quantum computers.
First looking at IPS encryption, criminals can crack security when they can anticipate and predict the actions, behaviors, and outputs of their target’s processes. They can determine cyphertext, key size, or how keys and passwords are communicated between end-points. These constants to all current static IPS technologies can break the most sophisticated and complex authentication and encryption algorithms. Also, data at rest signatures and keys can and have been stolen.
The Danger of AI in Cyber Defense
Artificial Intelligence (AI) and Deep Learning also has significant value but also vulnerabilities in Intrusion Detection Systems (IDS). Although these technologies are being used in cybersecurity to detect security anomalies and breaches, they are many times doing this without any encryption security hardening. You now have software touching deeply into operational and control system that could be opening a vulnerable actuary. These actuaries can open and close data or in the physical world access and even control a machine action.
There are solutions to these cyber defense problems, but they require changes to how we secure our digital systems today. To address encryption security, you must first eliminate authentication signatures and encryption keys. If you can see it or store it, you can hack it. Both signatures and encryption keys have been stolen in massive volumes. You also have the complexity of distributing and managing these signatures and keys that are prone to both human and digital error. Due to their static algorithm profile they are also deterministic which means they can be identified, seen and cracked.
Intrusion prevention encryption has a solid and simple solution. Don’t encode and decode static encryption. Use encode and a stochastic randomization decrypt engine at the processor end-point. Criminals can crack security when they can anticipate and predict the actions, behaviors, and outputs of their target’s processes. Even a quantum computer can’t hack real-time randomization that occurs in milliseconds at the processor level. These techniques are available and working and offer a whole new uncrackable level of fast low overhead encryption.
Intrusion Detection Systems in Artificial Intelligence (AI) has two problems that it needs to address. First you need to harden the AI Deep Learning software. If you are going to use software to view possible cyber-attacks, then you are just opening additional vulnerabilities. You must minimally harden AI software with proper encryption or offer a way other than software and static algorithms to validate and the software event processes to detect attack anomalies.
The decentralization of digital processes by a technology called Blockchain is also showing great promise in cyber defense technologies. Blockchain is a continuously growing list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a hash pointer as a link to a previous block, a timestamp and transaction data. By design, blockchains are inherently resistant to modification of the data.
Even these technologies though have been hacked due to weaknesses in encryption and being run on a public network verses a VPN or cloaked Layer 2 type private network. By adding the proper encryption and private network cyber defense technologies to blockchain, this technology shows great promise in a variety of applications and industries. Blockchain alone is not the answer though. By adding low overhead layered security enhancements, we can achieve a solid security platform.
Existing legacy cyber defense technologies can no longer support the massive amount of digital processes occurring today and with the massive increase projected in the near future. The largest increase in these digital processes will come from the Internet of Thing technologies (IoT). IoT will increase process end point by billions while offering minimal processing space for cyber defense technologies. It is these very technologies that are forcing changes in Cyber Defense technologies today.