The Information Age and Cyberthreats

The Information Age has brought many advantages for us all across the globe. Now, we can instantaneously communicate with each other by email or text messages. We can connect by using videoconferencing software and see each other in real time. We can send and receive files in a very efficient manner.

Our clients want to know if a cyberthreat can be prevented before it happens. The usual answer is that a complete prevention is not possible for several reasons. First, the technology that is being used may be susceptible for using legacy or open source technologies. In most cases, the network architecture is outdated and the electronic devices may not be able to properly communicate with each other. In other words, they are as smart as the least smart device within the framework. Second, most individuals do not update their software programs on a constant basis and do not participate in training programs. Third, the executive team of an organization must ensure that their technology experts understand and efficiently use the latest tools and techniques. Fourth, it has been proven that not one organization can have sufficient threat intelligence to fend off all kinds of cyberthreats by itself. As such, it is important to strive for real-time sharing of threat intelligence.

What Is a Cyberthreat and How Does It Happen?

A cyberthreat is any kind of attempt to gain unauthorized access to an electronic communication device which may include a computer, mobile phone, or storage device. The cybercriminals use various tools and techniques which may include social engineering or malware. Social engineering is a clandestine method to obtain information that can be used for the cyberthreat. It includes phishing attacks against the victim through social media websites (e.g., LinkedIn) and in most cases the victim is unaware of the scheme. It can also include baiting, pretexting, or vishing. The cybercriminals use malware to infiltrate electronic communication devices. Malware includes viruses, worms, trojans, ransomware, adware, or spyware.

The state and federal laws that have been implemented address the major legal issues. The United States and European Commission have enacted rules and regulations for data protection. For example, the GDPR requires organizations to update their data management systems. These laws grant the right to consumers to ensure their data is secure on network or database servers. However, cyberthreats are increasing for the following reasons: (1) multiple connections to external vendors; (2) increase in network-enabled devices; (3) increase in human-device connections; and (4) increase complexity levels of cyberthreats. The fact that an organization has multiple connections to its external vendors increases the cyberthreat risk. Furthermore, an increase in network-enable devices and human-device connections plays a big role in the cyberthreat’s complexity levels.

New and emerging technologies – e.g., IoT, AI, 5G, Cloud Storage – will have a direct impact on the risk levels. The Internet of Things has allowed the expansion of network connections between smart devices. It has been predicted that in the next decade there will be significant increase in smart device connectivity. Artificial Intelligence technologies are being used by organizations to enhance production. For 5G technologies, our research indicates that higher bandwidth may allow cybercriminals to instigate more effective attacks especially because 5G technologies employ an all software network infrastructure. Finally, cloud storage technologies will remain vulnerable even though some users think they are protected because they have voluntarily transferred their data to a third-party cloud storage provider.

It is important to know and understand the cyberthreat related issues. We work with clients regarding internet, technology, and computer laws. Please feel free to contact our law firm in order to speak with an attorney who has knowledge about internet and cybersecurity laws.