Ever since the Internet "exploded“ in the 1990s, reaching virtually every household in the developed world, the threat of hackers stealing data and destroying computers has been present.
And since the dawn of the Internet, those threats have been met with antivirus software, firewalls and other means of security aimed at keeping the intruders out.
However, following the recent security breaches in big companies such as Sony Pictures Entertainment (opens in new tab), or the second biggest U.S. health insurer Anthem (opens in new tab), which saw the companies damaged for millions of dollars, it’s becoming clearer that this protection system simply doesn’t work.
Instead, as experts on cybersecurity say, the attackers should be neutralised once they enter the system, Phys.org writes (opens in new tab).
But that’s a gamble, and first businesses must be convinced into trying a new approach.
According to U.S. cybersecurity company FireEye, hackers stick around inside the victim’s computer for an average of 229 days before being spotted.
The traditional defences must "have a description of the bad guys before they can help you find them," said Dave Merkel, chief technology officer at FireEye Inc. "That's just old and outmoded. And just doesn't work anymore," he said.
"There's no way to guarantee that you never are the victim of cyberattack."
The weakness of relying on a firewall is that it's like building a fence around a housing complex but not hiring a guard to patrol the interior streets, said Ed Amoroso, chief security officer at AT&T.
Even though there’s an increased awareness in the US and in Asia about cyber security and internet-related threats, many companies are still reluctant to spend more on keeping safe.