Advertisement Advertisement

By VARINDIA    2017-04-17

Methodology to Protect Critical Assets from Cyberattacks

Cyberspace has joined air, sea, land, and outer space as an arena of military interest, but the concept of cyberwarfare continues to evolve beyond the grasp of military leaders.
 
The strength of a nation is measured mainly by its economic success, social progression, scientific and technological advances, and military power. The role of a nation’s military is to protect its citizens and territory; a secure populace has the freedom to maintain and develop its economy. However, with the rise of cyberwarfare, citizens, corporations, and governments are left vulnerable to cyberattacks via computers and communications systems. This requires a dramatic shift in military tactics and functionality. Nations are now open to forms of attack besides physical force; one can undermine countries’ economic strength by paralyzing the economic values of civilians through covert cyberattacks. Governments operate largely in cyberspace with highly sensitive information, and traditional military services will likely soon expand to protect state information from cyberattacks. 

 

The damage that cyberattacks could potentially inflict on a nation and its industrial control systems is significantly more threatening than the damage that would result from attacks on IT systems. A review of a number of such cases in the past year shows that attackers are now more interested in targeted attacks on industrial control systems. Therefore, this is a good time to assess how we protect these systems.


(Follow to Fortinet report) Industrial control systems (ICS) are computerized systems that supervise the physical processes such as electricity transmission, transportation of gas and oil through pipelines, water supply, traffic lights, and other systems that are used as the foundation of modern society. Supervisory control and data acquisition (SCADA) systems are the branch of ICS that manages the electronic exchange of data. In recent years, these control systems - on which our most critical infrastructures and manufacturing industries depend – have been under sophisticated cyberattacks with alarming frequency. 

 

An example of such an attack occurred in 2011 when hackers damaged a main water pump in Chicago, Illinois; it is believed that they gained access to the utility’s network and broke the pump by remotely turning it on and off quickly. The Federal Bureau of Investigation and the Department of Homeland Security launched an investigation of the case, which has sparked fears of hackers’ infiltration and subsequent paralysis of public systems that are essential to the safety of our society.

 

Another example of a recent cyberattack occurred in India at the beginning of this year, when hackers infiltrated the systems of three government-owned banks to create fake trade documents, which were used to conduct illegal purchases and to raise funds abroad. To try to determine whether their systems have been hacked and tampered with, and to try to prevent future hacks, banks now have to check the documents that were shared through SWIFT (Society for Worldwide Interbank Financial Telecommunication) against the actual documents at their base. Finding the origin of these attacks and tracing the hackers can be a daunting task, involving “obtaining logs from ISPs and other entities since international data travels over the Internet straddling multiple service providers across geographies.”  Officials are left struggling to keep up with the rapidly advancing cyberattack methods and technologies, with the hackers usually working one step ahead.

 

So what is needed to combat the enemy on what is clearly the most threatening emerging battleground of our world? The answer, like the problem, is complex. But it clearly requires a new way of thinking about security, the military, and the government, as well as new strategies, fields of study, and technological tools. In an age when our most sensitive information and most valuable assets are stored electronically, cybersecurity has become one of the most important fields in which individuals, businesses, and governments must invest.

 

In concluding the first of a series of articles written by Mrs. Carmit Yadin, the Vital Intelligence Group CISO, it is well noted that the author who is from Israel appears to be insinuating that the cyber threatsfaced by a tiny powerhouse of security excellence pave the wayin methods that are indeed consistent with the countries general national security concept.We hereby assume that learning and understanding that advancing and ongoing cyber security measures must not only be proactive but must in many ways be predicative as well.

By Carmit Yadin, CISO and Director of Cyber Division, Vital Intelligence Group

Advertisement