The China Hack shows the world just how desperately we need better visibility into our IT asset inventory. Do you know what’s going on in your IT environment?
It’s still not clear as to what extent data breaches have occurred at Apple, Amazon and many other US companies following Bloomberg’s report on China’s hardware supply chain attack which, up until now, was undetected. Unfortunately, even if you don’t think Chinese spies would want to hack your organisation’s network, unknown vulnerabilities could be discovered and exploited by cybercriminals to gain access to business critical infrastructure in the future.
Let the Panic Unravel
When big hacks like this hit the headlines, everyone jumps into crisis management mode to answer a flurry of burning questions that all boil down to one concern: are we exposed? Company executives want to know, the press wants to know and your customers want to know. It can be really difficult to give them answers unless you have all the information you need of the whereabouts of every IT asset that’s in use across your enterprise. In situations like this, the only way through the chaos is establishing what you have and making informed decisions about what actions to take; moving as quickly as possible through the process will help mitigate the damage.
What you need to know in a Hardware Supply Chain Hack Crisis
- Exposure: The first question to ask yourself is, “which of our assets are vulnerable to the hack?” To answer this, you need to have a reliable inventory that is frequently refreshed with automated hardware discovery agents. Then the data has to be normalised and housed in a central data warehouse to make it usable for analysis, which means it has to contain model numbers and specifics, and lineage data so compromised equipment can be accurately identified and you can assess your exposure.
- Response: Following the chaos and questions about exposure, all the attention quickly turns to a solution. When planning to replace exposed hardware, how do you know that the new hardware doesn’t have the same problem? And, how do you know that it is compatible with your existing systems? One risk in rapid fixes is that they can break other things in the process. It’s important to consider more than just computing specs. Power consumption, heat dissipation, dimensions and operating temperature requirements can cause problems if not considered. Having access to rich information about hardware assets in the market can speed this stage up significantly.
- Getting ahead of next time: How do you make sure you’re ready to quickly respond to the next new hardware supply chain attack? You’re going to need more detailed information about all the hardware in your asset database and a way to keep it up-to-date. For that to happen, you need to ensure your suppliers make that information available either directly to you, or in a data library that is easily accessible. A response plan and staff trained to quickly pull and use the information are also a key part of being prepared.
The Real Problem? Transparency
Data breaches can be financially devastating. According to a report by IBM and the Ponemon Institute, the average cost of a data breach for Australian organisations in 2017 was $2.5 million, while larger breaches can range into the hundreds of millions. The number of data breaches in Asia-Pacific accounted for approximately 38 per cent data breaches internationally, according to the 2018 Gemalto Breach Level Index. With that looming risk in mind, how can you prepare yourself to respond to supply chain hacks? There’s a parallel here to the food industry where health problems caused by specific ingredients can have catastrophic impacts on a business, making transparency essential around ingredients and date codes. What if businesses required hardware suppliers to provide details on commoditised code-containing parts that were used in their products, for example? Setting new precedent around the type of supplier ingredient data is what can protect businesses in the future, and help to minimise the risk.
Committing to an Industry Solution
Incidents like these highlight the importance of transparency. In order for IT departments to overcome these challenges, a platform that provides clarity and intelligence over the organisation’s assets is crucial. Once this is achieved, IT departments in all industries will be much better equipped to respond to and prevent security breaches from hardware, software, SaaS or Cloud assets.