What will happen if all cyber security experts disappear in the world

What will happen if all cyber security experts disappear in the world

Greeting! My name is Roman Panin, I am the head of IT architecture at MTS. Today we will talk about what will happen if there are no cyber security experts left in the world. There will be a serious threat not only to the IT world, but also to the entire humanity that uses the fruits of information technology.

Web services, IT systems, mobile applications, company infrastructure, energy and refinery control centers, user data, classified documents and everything that has ever been digitized will be affected.

There will be no one to build information protection systems, improve and adapt them to current threats from cybercriminals. In the case of a real-time attack, there will be no one to resist and try to prevent the invasion.

Hacker groups will be able to effectively attack computer systems, steal confidential information, conduct large-scale cyber attacks on critical infrastructure, which can lead to catastrophic consequences for society.

Key threats

In order to understand how the world can change, I propose to move away from those security threats that surround us every day.

Business and companies

It is fair to mention here DDoS or any other attacks targeting company resources such as websites, web services, public APIs, external security perimeter or mobile applications through which the business provides services to customers.

Now it is all protected by various security tools, but if there is no one to maintain them, then all the aforementioned resources can be hacked on the same day when hacker groups set their eyes on them. As a result, not only the company’s business and profit figures may be affected, but also user data, to which attackers will gain access.

You also need to understand that the larger the company, the more people it employs, and the larger its infrastructure and number of services/products. All of this inevitably increases the attack surface and the value of resources stored inside the security loop, which only fuels the interest of hackers and other miscreants.

Threats from the world of ordinary citizens

Ordinary people, who do not even know about the existence of cyber security, are exposed to a number of dangers from the outside world. Phishing and other social engineering, infecting personal devices with malware, and using compromised personal data to cause harm in real life are real threats.

We should also not forget that humanity is developing and continues to surround itself with automation and technology wherever possible. And that means the world of the Internet of Things (IoT) is expanding, creating new risks for such devices to be hacked and used by attackers to eavesdrop, monitor and steal information.

People are now protected by the security mechanisms that have been put into sites, mobile applications and devices by those experts who, according to our theory, can disappear. And if this happens, then ordinary citizens will have to cope with the threats that surround them in the modern world.

Municipal institutions

In addition to commercial companies, there are also those that are created and exist not for financial gain, but to ensure the livelihood of states and people.

This applies to various hospitals, energy and education sectors, etc. Unfortunately, some hacker groups do not consider it shameful to choose such institutions as their target. Moreover, many of them do not always think about the consequences that can be caused by a banal blackout of a hospital building or a CHP boiler.

Even now, similar institutions do not always pay due attention to cyber security issues, but it is there, and it stands guard over our data, lives, and the life support of entire cities and states.

State apparatus

Threats also exist at the highest level — the level of state management. The most popular APT groups scattered all over the world are targeting them.

In the absence of resistance from security forces, not only citizens and private companies, but also entire countries and their governing bodies can be under attack. If, as a result of targeted attacks, the courts, tax and executive authorities begin to fail, it can plunge the entire population and peaceful citizens into anarchy.

Cyberespionage, arms control, and government strategic plans will also become uncontrollable. And this, in turn, can endanger the entire world balance.

So what will happen

The picture is not the most pleasant. Let’s take a closer look at how exactly this process will proceed.

Routine cyber attacks

At first everything will be fine, because already configured security systems (such as AntiDDoS, WAF, IDS/IPS, etc.) can work partially offline. Established detection and response rules will deal with current attacks for some time.

However, there is a nuance: not all actions related to responding to information security incidents can be automated. So, for example, in the SOC, no one will follow the monitoring of anomalies and try to understand whether this or that event is an incipient cyber attack.

Well, if someone tries to penetrate the perimeter of the company or otherwise harm it, then isolating network segments, zeroing out access, rebalancing the load and carrying out other procedures to solve the problem will be banal for no one.

After it’s all over, you’ll need to understand how the hack happened, what systems and data it touched, whether the attacker left any traces, who’s to blame, and how to avoid it in the future. And since there are no cyber security specialists in our world, it will be banal that there is no one to fully investigate the incident.

Exploitation of new vulnerabilities and 0day protection

New ones will appear gradually zero-day vulnerabilities, which will be banal and there is no one to close. All current technologies will be filled with new security holes, which will make them unusable and applicable on current infrastructure.

And what is 0day?

Vulnerabilities against which protection mechanisms are still developed.

Yes, software manufacturers will release security updates for their products, but it will no longer be possible to do it as correctly and promptly as before. This will lead to the fact that vulnerabilities will accumulate, be reproduced repeatedly, and the business will suffer colossal losses.

In addition, without cybersecurity experts, the likelihood of sensitive information being leaked, stolen, or misused increases significantly.

Chaos and anarchy

The lack of experienced specialists will increase the risk of attacks on critical infrastructure, such as water supply, energy, transport systems, which can lead to serious consequences for society.

At some point, it will also affect state authorities, which will make it very difficult or even impossible to manage all services and processes at the country level. That’s when the hacker groups will start to rule the ball, dictating their terms and getting maximum powers from companies and governments to rule the whole world.

This can lead to people abandoning technology, smartphones, computers, and even the Internet, because all of this will do more harm than good. Here we will begin to roll back to the past stages of the evolution of technologies, infrastructure and processes, which will make life more difficult, but safer.

Conclusion

For us, the comfort of life and the feeling of security are important every day, although we don’t think about it so often when we are in the comfort zone. But given that technology has penetrated so deeply into our lives, more and more companies are transforming towards IT, and people surround themselves with more and more gadgets, ensuring the security of all of the above is literally necessary for us to continue to improve our lives and move ahead.

In this article, I have listed just a few of the consequences of the lack of cybersecurity professionals, which clearly show the importance of this area for the entire industry (and the entire world), and once again emphasize the importance of supporting and developing professionals in this field.

The material was prepared together with the editorial staff of ProductStar. Click here to learn more about us.

ProductStar – online school of IT professions, part of the RBC holding. You can subscribe to our development channel at Telegram and familiarize yourself with our catalog programming courses.

Related posts