Infrastructure Archives - Cyber Secure Forum | Forum Events Ltd

Smart access: What if biometrics were the foolproof solution for infrastructure protection?

Guest Post

By Céline Littré, Product Marketing Manager at Linxens

Biometrics are already well known and used in sectors such as identity and payments, but their use could also be relevant to access control for both IT and physical infrastructures.

Access to IT infrastructures

As the number of reported cyber-attacks has multiplied, companies, which until recently were largely unprepared for the risks, have had no choice but to equip themselves to protect their IT infrastructures.

Today’s companies understand an attack can be costly and damage their business (compromising data, blocking production systems, etc.). According to Cybersecurity Ventures, in 2021 the cost of cyber-attacks was 6,000 billion euros…

Various technologies already exist to strengthen the security of digital access, in particular multi-factor authentication (MFA). However, these systems often rely on the use of a smartphone, which poses two main problems: firstly, not all employees have a work phone, and those who do not may be reluctant to use their personal device to identify themselves; secondly, the use of these devices in industrial or sensitive sites may be prohibited for security reasons. There are also USB key identification systems, but here again the risk of theft or loss means they are not a satisfactory solution.

In this context, the biometric card can be a welcome alternative: paired with the holder’s computer, it unlocks access to all or some applications. Identity is verified by a biometric sensor on which the cardholder has previously stored his or her fingerprint. If the card is lost or stolen, it is useless.

Access to physical infrastructure

In addition to protecting digital space, access to physical infrastructure is also a security issue for organisations. Although access cards are the most common form of identification used by organisations, they do not guarantee infallible security. Cards can be lost or stolen and used to gain free access to the building. In this case, the biometric card offers additional protection. Its personalised use guarantees that the user of the badge or card is indeed its owner, thanks to a fingerprint recognition system.

A promising market waiting to grow

The use of biometrics in access control represents a real opportunity to strengthen infrastructure security. Considering what is at stake, and even though it costs more than a traditional card, companies are ready to take the plunge and protect their assets.

Thanks to the work already done for payment applications, cards are already available and in the customer testing phase, with only a few months to go before the first mass-produced models are available. The challenge for the use of biometric cards for physical access remains compatibility with the wide range of existing devices (card readers). Manufacturers are working hard to adapt these systems for rapid, simplified integration and adoption by businesses. 

What more, if anything, should governments be doing about cyber actors?

Guest Post

By Will Dixon, Global Head of the Academy and Community at ISTARI

Cyberattacks are becoming more frequent, and their potential consequences are becoming more severe. With Critical National Infrastructure and other important services constantly in the virtual crosshairs of both state actors and cybercriminals, it is entirely conceivable that an attack, or a series of attacks, will lead to significant public harm.

In the event that this happens, governments and law enforcement will find themselves facing calls to act. In the eyes of the public, we might assume that doing so would seem natural; after all, offensive cyber operations are not as risky as military operations in the real world, so why not do more to disrupt these groups?

The picture is, of course, not that simple. The negotiations currently taking place at the United Nations on a treaty on cybercrime demonstrate how complex it is to reach international agreement on what constitutes a cybercrime. The penalties that should be enacted against the perpetrators and the powers global law enforcement agencies should have in order to prosecute these perpetrators are also up for debate.

That definition is fiercely contested, given the significant implications for countries such as Russia and China that want the definition to include terms allowing them to impose strict censorship laws and pursue dissidents. While this debate continues, the lack of agreed rules of the road is leading to action against cyber criminals.

Nonetheless, the relentlessness of cybercrime means that it is worth considering how governments and law enforcement should deal with cyber criminals. We have seen how knee-jerk reactions to major events have led to poor outcomes in the past. The cyber community should endeavour to avoid making the same mistakes.

Change in Policy

There needs to be more cooperation between national and supranational agencies, which includes better access to global data sources. This would require deep, scalable operations and partnerships with law enforcement agencies on an international scale. Some of these partnerships will likely involve countries that would rather not collaborate.

It will also require better collaboration between victim organisations and law enforcement, as the recent takedown of Hive, a ransomware group that targeted more than 1,500 victims in over 80 countries around the world, has shown. Close cooperation between victims and forensics investigators at the FBI ultimately allowed law enforcement to map and disrupt the entire Hive network. If law enforcement agencies want to do this on a wider scale, they must open their doors to victims and make sure that these victims are not afraid of further penalties for being more open about the events that resulted in an attack.

Implementing Positive Incentive Models

It is an unfortunate reality that there are not nearly enough cybersecurity companies or organisations that possess the bespoke capabilities, human resources, and training to safely secure the convergence of enterprise software, the Internet of Things (IoT), and Operational Technology (OT) environments associated with Critical National Infrastructure. Preventing harm to the public requires that we fix this.

While there are many negative incentive models, such as regulation and fines for non-compliance, this can only take us so far. More positive incentive models are needed, whereby the government works alongside the community to provide resources and the financial support required to create a strong ecosystem of organisations that can navigate the complexity of critical national infrastructure environments. There has been some evidence of this in the USA, such as the federal government’s investment in cybersecurity controls following the Colonial Pipeline attack. However, more meaningful public-private cooperation is needed in order to create the ecosystem of advanced capabilities we need.

Moving Forward

There is no escaping the fact that the cyber-threat level is growing, and it appears that we are on an unavoidable path towards law enforcement campaigns acting against cyber criminals. Whilst an appetite for more muscular action against cybercriminals is entirely understandable, we must also accept that it is not guaranteed to make a positive difference; campaigns against international criminal networks of other kinds have proved ineffective before. If we want to keep digital systems and the public they serve safe from harm, we need to invest more time and effort in creating the capabilities to do so.

MPs concerned over hacking threat to critical national infrastructure

Stuart O'Brien

Two thirds of MPs consider the compromise of critical national infrastructure to be the biggest cyber security threat facing the UK.

A year on from the cyber attack on parliamentary emails, a YouGov survey commissioned by NCC Group has gauged the opinions of MPs in the House of Commons with regards to their personal cyber security, the cyber risks associated with national security and societal wellbeing, and the consequences of a successful attack on parliament.

The results revealed that 62% of MPs across all regions, including 70% of Conservatives and 57% of Labour MPs, consider a compromise of critical national infrastructure to be the biggest risk.

Despite this common ground between MPs across parties on the threat to critical national infrastructure, the survey indicated divides with regards to the severity of other cyber threats. 42% of Conservatives said that they consider a compromise of nuclear capabilities to be one of the top two threats, compared to just 14% of Labour MPs, while 44% of Labour MPs considered democratic interference to be a significant threat, compared to 16% of Conservative MPs.

Alongside this, the survey highlighted that 75% of all MPs are concerned that a breach of their personal email could negatively affect the cyber security of the House of Commons, highlighting that most MPs understand the crucial role they personally play in enhancing the UK Parliament’s security posture.

It was also revealed that, in the event of a successful cyber attack, 73% of all MPs considered the breach of constituents’ privacy to be their biggest concern, alongside a leak of sensitive information relating to parliamentary business (46%).

These results have been released ahead of a meeting at the House of Commons, which addressed the cyber threats challenging the UK political landscape and outlined how MPs can best contribute towards tackling this growing threat.

Ollie Whitehouse, global chief technical officer at NCC Group, said: “It’s very positive to see that a majority of MPs are aware of the different threats we face and realise the gravitas of a successful attack, particularly with regards to our resilience as a nation.

“In recent years, the government has been proactive in implementing initiatives to strengthen the UK’s stance against evolving technical and geopolitical threats which attempt to compromise the integrity of our nations. MPs play a significant role in these initiatives, so it’s important to maintain continued education around modern threats and informed dialogue amongst all stakeholders. This will ensure that parliamentary staff at all levels understand the steps they need to take, in both their professional and personal lives, in order to address cyber risk head on.”

A third of UK infrastructure fails to meet basic cyber security standards

Stuart O'Brien

According to Freedom of Information requests by Corero Network Security, over a third of the UK’s critical infrastructure doesn’t meet the most basic cybersecurity standards.

The fact that so many infrastructure organisations have not completed the ‘10 Steps to Cyber Security’ programme indicates a lack of cyber resilience within organisations which are critical to the functioning of UK society. It also suggests that some of these organisations could be liable for fines of up to £17m, or four per cent of global turnover, under the UK Government’s proposals to implement the EU’s Network and Information Systems (NIS) directive, from May 2018.

The Freedom of Information requests were sent by Corero, in March 2017, to 338 critical infrastructure organisations in the UK, including fire and rescue services, police forces, ambulance trusts, NHS trusts, energy suppliers and transport organisations. In total, 163 responses were received, with 63 organisations (39%) admitting to not having completed the ‘10 Steps’ programme. Among responses from NHS Trusts, 42% admitted not having completed the programme.

Sean Newman, Director of Product Management at Corero, said: “Cyber attacks against national infrastructure have the potential to inflict significant, real-life disruption and prevent access to critical services that are vital to the functioning of our economy and society. These findings suggest that many such organisations are not as cyber resilient as they should be, in the face of growing and sophisticated cyber threats.”

Worryingly, the Freedom of Information data revealed that most UK critical infrastructure organisations (51%) are potentially vulnerable to these attacks, because they do not detect or mitigate short-duration surgical DDoS attacks on their networks. As a result, just 5% of these infrastructure operators admitted to experiencing DDoS attacks on their networks in the past year (to March 2017). However, if 90% of the DDoS attacks on their networks are also shorter than 30 minutes, as experienced by Corero customers, the real figure could be considerably higher.

Newman continued: “In the face of a DDoS attack, time is of the essence. Delays of minutes, tens-of-minutes, or more, before a DDoS attack is mitigated is not sufficient to ensure service availability, and could significantly impact the essential services provided by critical infrastructure organisations.

“By not detecting and investigating these short, surgical, DDoS attacks on their networks, infrastructure organisations could also be leaving their doors wide open for malware or ransomware attacks, data theft or more serious cyber attacks. To keep up with the growing sophistication and organisation of well-equipped and well-funded threat actors, it’s essential that organisations maintain comprehensive visibility across their networks, to instantly and automatically detect and block any potential DDoS incursions, as they arise.”