4 August 2021

The lego blocks of cybersecurity

By Ts. Dr Kelvin Yong Sheng Chek

What are your day-to-day activities like? For some, it can be a usual day in the office where they start typing away after a quick coffee chat with their colleagues. Others can be watching Netflix, playing online games, learning new skills or even trying to stay connected with their family or friends online. In a lot of our day-to-day activities, especially the ones involving technology, do you know that many cybersecurity solutions are being put in place to ensure that you can do what you do safely and with no interruption?

If I were to ask you which cybersecurity solutions you know, I guess many of you would quickly answer anti-virus! Yes, that is indeed one of the cybersecurity solutions or countermeasures that we frequently use to protect ourselves in the cyber realm, but did you know that there are a lot of other solutions out there that protect us without our knowledge? These various solutions form the building blocks of a more secure cyber world. Let me introduce some of them to you.

When you are roaming around in the cyber realm, whether filling in forms, sending emails, surfing the internet, or checking your bank account details, have you ever wondered who else can see this personal information? We would be very concerned if anyone could see and read our private information such as our bank account information. But fret not, as we prevent that by using a technique called encryption.

Encryption, in layman's terms, simply means scrambling our message in a way that only the sender and the intended receiver will be able to make sense of it. Anyone else who manages to get hold of this encrypted message will only see a scrambled, gibberish message. You might have heard the fuss about wanting end-to-end encryption. This is because a message that stays encrypted all the way from the sender to the receiver is safer than a message that is decrypted halfway and encrypted again by some intermediary point before continuing on its path to the receiver.

Checking emails is a common activity for many people nowadays. Did you notice that your email application has a junk or spam folder? How does your application know which emails are considered junk or spam? This is done using a feature called a spam filter, which looks for characteristics of an email that fit the spam or junk email criteria. If the email seems like junk or spam, it will be placed in this folder, and many aspects of the email will be blocked to protect you, such as downloading the attachment or viewing the images.

We now know how we can protect our data through encryption and our emails through the spam filter. How about preventing unwanted data from coming into our network? Our network is pretty much like our house. The most foolproof way to prevent strangers from entering is to seal the doors and windows entirely, but of course that is not practical. Instead, we lock our doors and windows so that only permitted people are able to unlock them.

Similarly, for our network, we have firewall technology to inspect the data that enters and exits the network and decide whether the data is permitted to pass through in the first place. If the data does not match the allowed list or pattern, it is discarded. That way, we can be sure that only legitimate data passes through our network while malicious data is kept out.

Then again, nothing is perfect. While a firewall is effective at filtering out malicious network traffic, some attacks will eventually get through. Worry not, as there are two technologies that we can count on, namely the intrusion detection system (IDS) and the intrusion prevention system (IPS). These systems are a bit like the enforcers who check everyone for SOP compliance. The IDS and IPS do the same thing by constantly checking your network and alerting the network administrator if they detect anything suspicious. The IPS goes further than the IDS: it does not only detect an ongoing attack but also attempts to prevent it. While the IPS performs better than the IDS in terms of functionality, it does have its own weaknesses.

The cybersecurity technologies mentioned in this article are just a fraction of the technologies that are available nowadays. They are there to keep us safe while we venture into the cyber realm on a daily basis, without our knowing the ‘heroes’ behind the scenes. But even with the many technologies that keep us safe, we cannot be complacent, as hackers are constantly looking for new ways to defeat these technologies. There is a growing need for professionals to strengthen the current technologies against these attackers and also to develop new technologies to keep everyone safe.

Ts. Dr Kelvin Yong Sheng Chek is a lecturer at Swinburne University of Technology Sarawak Campus. He can be reached via email at kscyong@swinburne.edu.my.