Security upgrades needed with growing cyberwar threats

Industrial systems, transport and power grid infrastructures are still vulnerable, panelists said this week

Countries need to take steps to upgrade critical infrastructure for protection from attacks by cybercombatants or rival countries conducting cyberwarfare, security experts said at a panel discussion this week.

Critical infrastructure such as industrial systems, transportation and power grids is an easy target for cyberattacks, and people responsible for IT and national security are worried about the future, said Eugene Kaspersky, founder of Kaspersky Lab, during a panel discussion that was part of the company's Endpoint Security 8 launch event in New York. Cyberattacks could cause massive damage to the tune of billions of dollars, he said.

Some attacks in recent memory such as Stuxnet, which hit industrial systems, and the Blaster worm, which possibly hurt the electrical grid on the U.S. East Coast, were damaging and exposed the weaknesses of national infrastructures, Kaspersky said. Countries like North Korea, China, the U.S. and South Korea, and organizations like NATO are establishing cybermilitary units to protect infrastructure and respond to attacks.

"The question is this year, next year, do we expect to see similar incidents? Yes or no? The answer is obvious. Yes. It will happen," Kaspersky said.

Systems need to be built around a secure OS environment and government regulation is needed, especially for industrial software design, panelists said. Stuxnet wreaked havoc because of dated software design and poorly trained software engineers. Attack techniques are getting more sophisticated, but even simplistic hack techniques can hurt infrastructure.

"The interesting thing about Stuxnet is that the attack itself against Siemens was incredibly simple," said Gary McGraw, CTO of Cigital. "It used to work in online games in 2004."

But today's online games are much more advanced in tackling security threats, while the industrial systems still have a ways to go, McGraw said.

"You can't hack 'World of Warcraft' with this attack, but you can hack nuclear power plants," McGraw said.

In addition to protecting their interests, countries also need to work together to protect infrastructure from cybercrime. One idea proposed by Kaspersky was the establishment of an international cyberpolice unit to fight cybercrime.

"I call it Internet Interpol," Kaspersky said.

Online criminals are well-organized globally, and many attacks are carried out by script kiddies. The Internet has no borders, so there has to be international involvement to keep cybercriminals in check, Kaspersky said.

"They have much more money than IT engineers and security software engineers," Kaspersky said.

Some organizations hacked this year include Sony, Lockheed Martin, the U.S. Department of Defense, NASA, Google, the U.S. Central Intelligence Agency, Citibank and the European Commission.

Companies can fight back with better processes and technologies to identify and mitigate threats, said panelist Steve Adegbite, director of cyber-innovations at Lockheed Martin Information Technology.

Hackers go through a series of key events to execute an attack, and companies need well-trained engineers and processes to identify and disrupt potential threats, Adegbite said.

Beyond protecting endpoints, data on the cloud also needs to be protected. Banks of data are moving online, and if there's economic gain, hackers will target the cloud, Adegbite said.

"We're going to have to get faster, we're going to have to get better technology, and we're going to have faster and better processes," Adegbite said.

Many businesses will likely not move large data banks to the cloud, but retain important data at the endpoint, some panelists said.

Some suggestions on how to secure data in the cloud were also proposed at the Interop trade show this week in New York.

IT managers can set up rights for mobile devices to access certain documents in the cloud based on location, said Sujai Hajela, vice president and general manager of Cisco's wireless networking business unit in the network services group.

For example, if a doctor logs in from a hotspot such as a cafe, access can be limited to email, but not secure documents such as electronic medical records, Hajela said.


Stories by Agam Shah
