Governments and international business are only just waking up to the threats posed by a lack of cyber security. Sophisticated systems, interconnecting across international borders, are increasingly being targeted by cyber criminals, terrorist groups and foreign governments as a way of stealing data, blackmailing and virus attack. Business is failing to meet the challenge posed by these threats.
Cyber attacks by governments; criminals and terrorists are becoming increasingly sophisticated
CYBER threats are a serious concern to our technology-driven lifestyle.
Hacking now appears to be an organized way for governments and others to spy and make direct attacks. This marks a change in warfare from conventional arms to a new cyber war which is also used by criminal organizations and terrorist groups harnessing the computerized world to blackmail companies, international businesses and governments.
United States President Barack Obama has intensified his administration’s efforts to fight the growing threat from cyber space. But many US security experts fear that America is in a race against time and already losing the fight. For example, I was reading an article in the New York Times written by MICHAEL D. SHEAR and SCOTT SHANEJUNE 12, 2015 with the headline “White House Weighs Sanctions After Second Breach of a Computer System” with a statement from President Obama that there is a ultimatum concerning the attack concerning the stolen documents and that there has to be a solution for this within 30 days as of 12 June 2015.
America’s national intelligence director, James R. Clapper, has said that major cyberspace attacks could cripple America’s critical infrastructure, economy and services
The real threat to the US appears to come from cyber espionage by China. There are growing fears, highlighted in June 2015, that countries – particularly Iran and China – could use attacks to sabotage US infrastructure.
America’s national intelligence director, James R. Clapper, has said that major cyberspace attacks could cripple America’s critical infrastructure, economy and services. He said such attacks, although they might not happen in the next two years, were the ‘most immediate threat to the United States‘.
Prominent attacks
For the first time, he listed them ahead of international terrorism in the catalogue of dangers.
Some History:
The New York Times, the Wall Street Journal, Bloomberg News and other American media accused China in January 2013 of committing cyber attacks against them. The attacks happened after the media published reports of the personal wealth of high ranking government and Chinese Politburo members and their family clans, including that of China’s former premier, Wen Jiabao.
Dossier contents
- Europe takes new steps to fight cyber crime
- Challenges for the EU’s policies on cyber crime
- Cooperation needed across the EU to thwart cyber attacks
- Cyber attacks are set to increase in sophistication and size
- Attacks on energy infrastructures are increasing globally
- German energy’s growing vulnerability to cyber attack
- The vulnerability of critical infrastructures
- Cyber security firms uncover threats from Stuxnet to Red October
- Pressure mounts on China over alleged cyber attacks
- United States grows more fearful of ‘war’ in cyber space
Other prominent successful cyber attacks have been reported by:
Apple Devices, 2012 – Hackers claimed to have stolen 12 million records, including full names, addresses and mobile phone numbers of owners of Apple iPhones, iPads and iPods
Five international Stock Exchanges, 2012 – Worldwide computer failures in New York, Madrid and Tokyo in August and London and Sweden in December
International Monetary Fund (IMF), 2011 – Large-scale and well-planned attack on a database containing information which could influence the market, including confidential details of international aid
Citigroup, 2011 – Hackers stole data on 200,000 borrowers, including addresses and passwords
Dropbox, 2011 – A popular service for storing documents and other files in a computing cloud was hacked
Economic warfare
Comodo Group, 2011 – Internet security firm used by 676 organisations providing website authentication certificates for browsers operated by Google, Yahoo, Microsoft, Skype and Mozilla was hacked
Nasdaq Stock Exchange, New York 2011 – Hacked, but trading system not breached
Lockheed Martin, 2010-2011 – Industrial espionage, allegedly from China
MasterCard, Visa and PayPal, 2010 – Group of anonymous hackers from around the world declared ‘cyber war’ on these companies because they refused to pass donations to Wikileaks
Google, 2009-2010 – Google and 30 other high-tech companies hacked in the US
Sony website, 2010 – Theft of personal information such as passwords, email and postal addresses of more than 52,000 customers
Energy industry, United Kingdom and other countries, 2009 – ‘Night Dragon’ virus attacks on the energy industry since November 2009, allegedly emanating from China
The US Congress has labelled China ‘the most threatening actor in cyberspace’, accusing it of conducting economic cyber warfare against the US, the EU and other countries. There is evidence of Chinese government involvement in the last few years.
Super worms
A report from American cyber security firm Mandiant in February 2013 claimed that a Chinese hacking group from the People’s Liberation Army (PLA), called APT1 (Advanced Persistent Threat), has stolen hundreds of terabytes of sensitive commercial and government data from 141 organisations across 20 industries and 15 countries since 2006.
Cyber attacks, codenamed Night Dragon, allegedly carried out by China against global energy and petrochemical companies, were identified in November 2009.
But the US is also an active player in this field. It may have the most powerful offensive cyber espionage and warfare capabilities in the world.
It is equally seen as the most vulnerable country, with insufficient defensive capabilities in its civilian and military sectors due to the heavy reliance on networked technologies and old infrastructure which lack embedded cyber safety and security systems.
Cyber attacks focus on compromising computers within an organisation, but also, increasingly, on the theft of specific data and intellectual property.
The US Congress has labelled China ‘the most threatening actor in cyberspace’, accusing it of conducting economic cyber warfare against the US, the EU and other countries
Hackers are designing increasingly sophisticated cyber attack systems. And experts believe the discovery of new ‘super worms’, codenamed Flame, Duqu, Gauss and Red October, could be just the tip of the iceberg.
Hostile governments
Cyber security firms have discovered systems aimed at sabotaging and spying on governments, private companies and organisations since the emergence of the Stuxnet virus in 2010.
Stuxnet was the first cyber worm developed specifically to monitor, attack and manipulate industrial control centres and their Supervisory Control and Data Acquisition (SCADA) systems. The Stuxnet worm, believed to have been developed by the United States and Israel in 2010, is still spreading and has not only infected Iranian SCADA systems but more than 100,000 computers worldwide.
Energy and energy companies are increasingly worried about the threat to critical energy infrastructures from cyber space. This is more likely to be carried out by hostile governments and organised crime.
The most worrying factor is that the industry is aware of the imminence of such attacks but lacks expertise to make their systems secure.
Almost every individual service is directly or indirectly dependent on a secure power supply and the size and complexity of the physical, virtual and logical networks has soared.
A major cyber attack could result in a total collapse of power supply to individual regions which could cascade across a country, and potentially neighbouring countries. But as systems become more complex, the effects of small power fluctuations are also unpredictable.
Malicious software
The internet was founded on the principles of inter-operability, openness and neutrality. But as the network becomes more complicated and sophisticated, these principles are putting users – particularly in the energy industry – at increasing economic, political and geostrategic risk. The internet networks simply become vulnerable for critical energy infrastructures and the corporate sector.
Disruption of energy supplies, manipulations and theft of data and technical failures of the electricity grid can have serious and potentially catastrophic impacts on businesses, organisations and private households.
The SCADA systems have been considered the most important, but also the most unprotected networks of all until very recently.
A cyber attack on the US company Telvent, which makes smart grid software, has highlighted the security challenges of SCADA systems.
The attack installed malicious software and accessed project files. Telvent’s SCADA system is used in the electric power, oil, and gas sectors in the US.
The access by hackers to the SCADA project files may have provided an opportunity to study Telvent’s technology, create malicious code to alter the technology, and implement malicious code into it at a later stage.
The first cyber assault against a European electricity grid operator to be admitted publicly struck the German power utility company, 50Hertz in 2012. The attack failed to disrupt energy supplies.
This incident confirmed Germany’s vulnerability to attack and made clear that it is struggling to adequately address the risks.
Disaster recovery
Cyber security experts warn that the German government and industry are focussed so much on the direct challenges of the transition to a sustainable economy by means of renewable energy, energy efficiency and sustainable development that cyber threats are being ignored, underestimated and insufficiently addressed.
Almost half the companies surveyed in 2012 by the German technology association, Bitkom, admitted they had no disaster recovery plan in the event of an attack. The European Commission has declared that companies will have to take data protection more seriously and disclose the extent of cyber attacks.
New trends in cyber attacks are emerging which threaten to provoke unprecedented crises to a country’s economy, safety, health, sanitation and civil peace.
Organized cyber criminals are using technology to spy, steal data and blackmail individuals, companies and governments.
The attacks are often borderless by nature. Any successful fight against these threats requires effective, adequate and comprehensive cross-border cooperation and mutual assistance in law enforcement operations.
Limited awareness
Security policies in general – and international cyber security policies in particular – have begun to distinguish between cyber threats to national or European security and threats to the functioning of the market economy as well as against private property.
The EU’s cyber security policies have to balance effective counter strategies against new cyber threats, with the objectives of protecting individual liberties and the right to informational-self-determination and democracy as a whole.
New trends in cyber attacks are emerging which threaten to provoke unprecedented crises to a country’s economy, safety, health, sanitation and civil peace
A first step to address common risks and vulnerabilities has been to enhance European coordination on information security by establishing the European Network and Information Security Agency (ENISA) in 2004. However the role of the EU as a comprehensive and transnational security provider for its citizens depends on how well the role is defined. This requires the agreement of the member states.
Critical infrastructures (CIs) are all characterized by their high levels of internal complexity, dependency and vulnerability. Specific responsibilities, laws and regulations vary widely among the 28 EU member states.
But given the EU’s high dependence on private critical infrastructures, successful cyber security and defence strategies require consistent and comprehensive cooperation between government departments and the private sector.
The EU has become increasingly aware of the potential dangers posed by such cyber attacks on CIs.
The European Commission announced the EU’s first cyber security strategy – ‘An Open, Safe and Secure Cyberspace’ – in February 2013.
But awareness of cyber threats among the public and in organizations is still limited. Thinking the unthinkable should be the guidance for future security.
My Solution for these kinds of security and vulnerability attacks, there is a very good company with the right skillset to do these jobs, despite the fact that other companies claim to have the best solution but it is basically only about how adult your company is and how serious you taken your security.
Let me introduce the company to you, and feel free to contact them.
P@SSPORT is your partner in security, availability, compliance and business continuity that ties everything together, simplifies management & support and allows your company to focus on business needs and opportunities. Our mission is to make sure You Are In Control!
We build upon a group of specialists in the areas of Enterprise Architecture, Connectivity, Security, Storage & Disaster Recovery, Active Directory, Virtualization, Compliance and Reconnaissance. Together we are shaping cyber resilient environments for companies.
To be able to visualize and communicate our ideas we have devised the concept of the Grey, Orange and Red Network and building on HIPAA, SOX, NERC i.e. we have developed our patented Triple A Framework, delivering high standard security and ease of compliance.
Triple A building blocks
* Authentication And Access
* Authorization And Audit
* Availability And Disaster Recovery
Triple A is a Cyber-resilience Framework. Implementing Triple A will create a transparent and easy manageable environment to practice Threat, Vulnerability, Identity And Access and Trust Management. Our focus has been and is on facilitating this with lack of internal knowledge and other available customer resources in mind since security is not your company’s core business.
We believe that to be able to capitalize on the opportunities that hyper-connectivity, visualized by the Grey Network, brings and at the same time control (defend) your valuable assets, visualized by the Red Network. No direct connections from the Grey towards the Red Network should be possible. We consider every device connecting to your internal assets as untrusted and are able to build a secure remote access environment around that principle. We call this environment the “Access Control Domain” please check our website for more detailed informationhttp://cybersecuritypass.com/
Till next time and thanks for the time to read this blog.
Prof. Dr. Henk Jan Jansen