Cyber defense: present and future.

The picture shows the security measures on the Internet. Symbolizes cybersecurity.

Cybersecurity, the protection of personal and business information, should be a top priority for any IT company.


Cybersecurity in the modern world.

I wrote this article at the beginning of the year but decided not to publish it, as I thought it was too early. The article sat on the shelf for a while; my opinion has not changed over time, only strengthened.
At present there is one system of protection in the world, and it is called passive. Modern antivirus programs such as ESET NOD32, Norton, Bitdefender, Intego, TotalAV, McAfee, and many other, less well-known ones are essentially passive protection systems.
Each of these protections has an anchor that clings to the user's computer in the form of a file agent. Moreover, these agents are attached to the system disk, where the system files are located. This is the vulnerability of such passive protection systems: through this chain it is quite possible to reach the system files. What are these agents for? To prevent unauthorized use of the product. That is, the focus is not on the safety of the end user of the product, but on the money that can be obtained from the user. As a rule, companies are not responsible for incorrect or harmful actions of users, for data leakage to the Internet, or for the user's personal data.
Modern information security tools are not perfect. They are a "layer cake". Attackers look for vulnerabilities in this "pie" and puncture it, stealing information or committing other illegal actions. I absolutely do not understand the reasons that induce developers to keep improving the protection system without changing the very principle of protection. That is, the "pie" becomes thicker, but does not become stronger from this. The protection system becomes bulkier and less agile. It has no flexibility and is not always able to respond correctly to one danger or another emanating from the Internet.
The principle of absolute prohibition is at work, and it leads to absurd results. The user is removed from control of the product and cannot make his own changes to the program at the level available to him. Mind you, the user paid money, and he has the right to use the product as he pleases. But that right is denied to him by the very companies he paid. It is absurd, completely so. And this is not business, in my understanding.
I propose other protection systems, which are called active, cascade, and hybrid.
Active protection is protection that can not only protect data but also track the device from which a penetration attempt was made. Any penetration leaves a mark. And active protection, having found this trail, follows it like a bloodhound to the intruder's device. Active protection (antivirus) penetrates the attacker's device and destroys all information on it. Any evil must be punished. Since there are no laws on the Internet, you need to take justice into your own hands and punish the perpetrators, wherever they are and whatever weight they have in society.
You may say that such actions are legal nihilism. I do not agree, because right now no one protects users on the Internet. Their personal and business information is stolen with impunity and used at the thieves' own discretion. And sad as it is, such large companies as Google, Amazon, and Oracle are engaged in this.
Impunity gives rise to permissiveness.
Internet users have no available leverage against the illegal actions of such companies and of other cybercriminals, of whom there are now quite a lot on the Internet. Since the start of the pandemic, many people have switched to working, studying, and playing on the Internet.
So what will active defense do? Its main function is to protect against leaks of personal and business information to the Internet and to punish intruders. A tough and adequate response must be given to every action by fraudsters.
There should be no warnings; banditry, and it cannot be called anything else, should be punished. The protection, following the trail, constantly changes its code and can disguise itself as a harmless program.
Once in the intruder's device, it behaves like a normal program and quietly allows itself to be scanned by the protection system. This program is compressed and has several subroutines in its shell. The trigger is the end of the check by the protection system. And it doesn't matter where exactly the program ended up; the important thing is that it constantly changes its code. It is a so-called polymorphic virus program. As it unfolds, it begins to act like a virus, destroying the files of the enemy. Turning off the computer or disconnecting it from the network does not affect its operation in any way.
The cascade system for protecting user information is a multilevel protection system. Each level is stronger than the previous one. This protection, in my opinion, makes it pointless for an attacker to compromise the system. This system will be built on AI.
When the first level comes under attack, an alarm system is triggered; it is built into the protection but sits in standby mode. This mini-system raises alarms to the other levels, and at these levels the generation of the enhanced security code begins. This protection should also provide for the reset, or zeroing, of levels. What does that mean? When the first level is hacked, the virus enters the second level, where the system drops it back to the first level, which by that time has updated its protection program. And the malicious program starts to break the protection again. Repetition occurs up to two times on the first level, 4 on the second, 6 on the third, and so on. The cascades will not be placed linearly. Plus, they will change their priority after each cycle.
It is good to use this kind of protection in combination with active protection.
This is how, in my opinion, modern protection should work.
And the protections that are used now do not meet modern requirements; they are morally outdated.