The development of digital societies and economies is gaining pace around the world. With this momentum comes the heightened requirement to ensure the infrastructure, connected, intelligent devices and sensors on which this transformation is based are protected from compromise.
From e-services, to m-services, and now smart-services, the levels of instrumentation, interconnectivity and intelligence within digitised environments is rising. We believe that it is crucial for a ‘fourth i’ referring to immunity be included in the outlook and further development of connected societies, and a robust cyber security framework established.
DarkMatter recommends that organisations, and indeed participants within smart city ecosystems, adopt a pro-active approach to cyber security resilience in which they assume a state of breach in order to develop the defences and mitigation mechanisms to minimise any possible disruption caused by a cyber security incident.
Entities need to better understand their respective risk profiles before any mitigation can begin in earnest. This involves understanding their assets, the full range of threats they may face and from whom, and the vulnerabilities. For digitised societies to become successful and sustainable they need to develop end-to-end monitoring and mitigation protocols in the face of cyber threats.
Growing media coverage of breaches globally indicates that the number and sophistication of cyber attacks is rising, and nations, organisations, and individuals have to become better protected against such threats.
A recent attack against the SWIFT (Society for Worldwide Interbank Telecommunication) international financial transaction system, for example, focused attention on the potential cascading threat of an interconnected yet not fully integrated system.
Unknown hackers broke into the Bangladesh central bank’s systems and stole credentials for payment transfers. The hackers then bombarded the Federal Reserve Bank of New York with nearly three dozen requests to move money from the Bangladesh bank's account there to entities in the Philippines and Sri Lanka Bank, successfully transferring US$ 81 million of an intended US$ 1 billion.
It was subsequently reported in the media that the cyber security credentials of the Bangladesh central bank were below par, with a named British defence contractor having shown that the SWIFT software used to make payments was compromised, enabling the hackers to send money around the world without leaving any trace in Bangladesh. The entry of the hack into the global financial transaction system raises concern over the systemic integrity of the entire network, which has 3,000 financial institution owners and users.
In another cyber security breach that was widely reported on, last December over 200,000 buildings lost power in the Ukraine, endangering lives during the coldest time of year, caused by a targeted control-system attack.
Cyber incident statistics from across the globe also paint a very real picture of systems and networks being placed under significant and persistent threat. For example, a total of 295 incidents involving critical infrastructure in the US were reported to the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) in the fiscal year 2015, compared to 245 in the previous year, reflecting a 20% increase year-on-year.
Cyber attacks that threaten national security doubled in a year in the UK in 2015 with the country now facing up to seven serious assaults every day, intelligence agency GCHQ revealed late last year. The agency identified 200 cyber attacks every month in 2015 that either targeted critical organisations and networks or came from significant sources, such as hostile states. That compares to 100 a month in summer 2014.
In the UAE, Symantec’s Internet Security Threat Report 2016 ranks the UAE as the eighth most targeted country by cyber attacks in the world in 2015, but yet the country’s population ranks it in 113th position globally.
In the same report, Symantec estimated that over half a billion personal electronic records were stolen or lost in 2015, with 430 million new malware variants having been discovered globally in 2015, up 36% from the year earlier.
In the face of these sophisticated and evolving cyber threats, DarkMatter remains committed to protecting infrastructure from cyber threats. Mitigation is central to achieving this goal and is a three-part process encompassing visibility, intelligence and integration.
Visibility means truly understanding the configuration of your network and most importantly who has access to it. Large companies in particular, often maintain networks patched together over decades, running different generations of software. It’s a simple truth that you can’t protect what you don’t understand; a thorough audit is vital at the start of any mitigation process. Sophisticated mapping software can certainly accelerate this process, but ultimately a comprehensive audit requires people on the ground to ask the right questions and find the location of servers and access rights.
Intelligence relates individual system’s characteristics to the known threats and a network’s vulnerabilities in relation to them; it takes the threat intelligence gathered in the risk assessment process and relates it to the specifics of the organisation’s system.
Integration aggregates the information found in the first two phases, and displays them in a format that can be readily understood by decision makers to enable them to act quickly. In particular, attacks should be logged and diagnosed in a systematic fashion.
Awareness and understanding of the scale and scope of cyber security threats needs to be communicated widely, resulting in an appreciation that technologies, tools, processes and systems that helped secure data in the past, are exactly that, from the past. As nations digitise, resiliency and security become paramount. Innovative, end-to-end, and dynamic methods of protection are required, as digital infrastructure becomes more integrated, more things become connected and the amounts of data being transmitted increases exponentially.
Digitisation is a fantastic opportunity for nations to make citizens safer; for companies to become more efficient and successful; and for individuals to live more fulfilling and happier lives. However, the increased threat surface as a result of the growth in instrumentation, intelligence and interconnectivity is clear and present, and needs to be managed so as not to undermine the gains from digital transformation.
If smart watches contain more processing power than a 1970s supercomputer, it can safely be assumed that we can no longer view cyber security as simply a niche activity of interest only to intelligence services and the IT departments of multi-nationals. Over the next decade cyber security is going to become an issue for everyone, and unlike traditional security functions provided by the state, maintaining cyber safety has to be devolved to the level of the individual.
There are simply too many servers connected to the web to entrust cyber security solely to state enforcement bodies. This is not a counsel for despair but a call to raise awareness and educate the population about their responsibilities in keeping themselves safe from attack. It’s going to be a challenging time ahead, but with the right planning, commitment to innovation and sensible practices, nations, companies, and individuals can effectively mitigate cyber security attacks.
At DarkMatter we believe in the what; so what; and now what approach to cyber security.