New front in cyberwar

IT SEC is focused on protecting industrial control systems (ICS), attacks on which could have potentially catastrophic consequences for society

Amir A. Kolahzadeh, founder, CEO, IT SEC
By David Ndichu. Published July 24, 2017

What are the demands of a modern security architecture?

Cybersecurity is no longer a layer of network; it’s now a fully developed framework policy and operational technology that must be placed in every enterprise no matter its size. We now look at security as a complete industry, albeit one that is still largely in its infancy.

The firewall has been around for at least 15 years, but this is exactly the problem. People have not realised that firewalls and anti-virus are just one factor in this huge equation of cybersecurity. Just because you have a firewall and the AV is up to date does not mean that you are protected.

Industrial control systems have emerged as a new lucrative target for cybercriminals. How can these critical environments be protected?

Industrial control systems (ICS) control pretty much all the infrastructure we depend on. Our water, power, and everything that we call critical infrastructure is run on some sort of industrial control system. Typically, these were closed legacy systems that were invented before the invention of the internet. When organisations want to attach an external connected IP-based device such as a printer or a complex process of feeding a data source into it, they run into issues. This ends up opening a gateway to security breaches.

By all estimates, all ICS across the globe are under attack. The reason is that ICS are an amazing target. If you take over the power generation system for a large city, the stakes are far higher than targeting someone’s PC.

What are the challenges facing IT departments in securing ICS?

The difference is in having a security vision versus an IT vision. We will not look at these environments the same way an IT person would. From an attacker’s perspective, they do not care what kind of ICS is in place or what is attached to it. They care about what is at its perimeter and how that perimeter can be breached. So, if that perimeter is breached, then how can devices that are in that network be accessed, and through those devices, access the ICS. PBX systems are a popular target to breach ICS because most industrial control systems have an interface for paging or for warning systems, most likely deployed after the fact. All these things have opened a back door. So, to be proactive in the market and to stay ahead of the hackers, IT needs to think like a hacker by thinking outside the box, being creative and being able to react regardless of protocols, policies and frameworks.

Every building live in Dubai has some type of industrial control system, a smaller model called the BMS or the building management system. It sets out some automation rules based on some certain factors, controlling elevators, HVAC systems or fire alarm systems.

This is one of the areas people are not paying attention to, and I predict that within the next twelve months, we will have a major ransomware event where hackers will take over a building and take control over the heating and cooling, elevators and doors.

How can organisations overcome this challenge?

Security should be a parallel design infrastructure. You do not design your network first and then look at security design. You look at the IT infrastructure and the security network at the same time. That means the network engineer should work hand in hand with the network security engineer while designing the infrastructure.

How can IT SEC help?

We are working with many companies now as they are building their data centre in what we refer to as security architecture reveal. We take the network and we apply a posture on top of it and see what falls apart. We do the same thing with code for web and mobile applications. When you apply security standards while coding, you can ensure the code is much more secure. We are working with developers, hospitals, hotels etc. to bring awareness and bring the type of tools and defences that are necessary to protect and defend against such an attack. Digital signage is another area as static signs change into dynamic displays. Hackers could take over these signs and cause mass panic by faking an attack. People are concentrating on firewalls and the network and they are missing the whole picture while hackers are operating at the outer perimeter. The days of the data breach and stealing credit cards are coming to an end because the chances of getting money from, say, a credit card are very low, as that market dries up.

How do you see the cybersecurity space evolving?

A new lucrative target is the HR department and trying to access the CVs database.

If a hacker gets access to a company's HR database and steals emails with employees’ information, they can design a very successful spear phishing campaign using that data. This is in addition to social media where people are creating fake social media pages and sites to instigate phishing campaigns. Much of the information on organisations is in public domains, on social media and websites.

Ransomware was up 6000% in 2016 costing 1B dollars last year with 200,000 malware samples discovered every day. Up to 91% of all hacks have come from phishing emails. No firewall can stop a phishing email.

Some tend to think of attacks as isolated events. Security is a domino effect; it simply does not stop at a single organisation. If you have been affected, you have a social responsibility to make your company safer because an attack on you could enable multiple attacks from your systems.

The foundation to a sound cybersecurity framework and policy is a sound consistent awareness programme. Therefore, we are carrying out major awareness programmes on behalf of our customers through dynamic platforms or banners and posters. This includes carrying out company-wide phishing attacks to see who may click on them. 

We will be launching an app that an organisation can subscribe to, through which we will send daily notifications with security questions and post the results to HR. The idea is for cybersecurity to become a consistent training measurement and part of the performance review of employees. Once that is done, organisations can take out most of the risk.

We also have a safe social media app coming up in the next few months that checks social media profiles and delivers a security check to them. Understanding security individually and as a corporate is key and the IT security manager that implements such policy can eliminate 50-60% of threats.
