Intelligent CIO Europe Issue 07 | Page 81

INTELLIGENT BRANDS // Enterprise Security

Experts respond to cyberrisk concern for UK’s traffic control systems

Experts have responded to comments about cybersecurity risks posed to the UK’s critical infrastructure. General Sir Christopher Deverell, Commander of the UK’s Joint Forces Command, warned that systems were at risk of cyberattack, with road systems one of several potential points that could be targeted.

Andrea Carcano, Nozomi Networks’ Chief Product Officer, also commented: “The reality is that the UK’s infrastructure and those in every developed country globally, is being continually probed, not just by nation states but equally by criminals, hacktivists and even curious hobbyists. With each incursion, both successful but also those that are thwarted, the attackers will learn what has worked, what hasn’t and what can be improved for the next try.
“The challenge for those charged with protecting our critical infrastructure is visibility as you can’t protect what you don’t know exists. A total of 80% of the industrial facilities we [Nozomi] visit do not have up-to-date lists of assets or network diagrams.
“Ironically, this doesn’t pose a problem to criminals who are using readily available open source tools to query their targets and build a picture of what makes up their network environment and is potentially vulnerable – be it a power plant, factory assembly line or our transport infrastructure as Sir Deverell suggests.
“Our [Nozomi] researchers recently embarked on a project to create a security testing and fuzzing tool, using open-source software (OSS), capable of automatically finding vulnerabilities in proprietary protocols used by ICS devices. Using just this tool and in a limited time period, they identified eight zero-day vulnerabilities that, if exploited, could be used to shut down the controllers (i.e. DoS attack) to being unable to manage the devices through their software and potentially the corruption of normal processes which could be extremely serious or even fatal. As the cybersecurity risk to critical infrastructure and manufacturing organisations increases, it is important for enterprises to actively monitor and secure operational technology (OT) networks. An important aspect of this is having complete visibility to OT networks and assets and their cybersecurity and process risks.”
Sean Newman, Director at Corero Network Security, said that there were many good reasons for connecting operational and information networks, including efficiency and effectiveness. However, this opens up operational controls to potential attacks from across the Internet, where previously they were completely isolated and only accessible from the inside.
“The potential for such attacks has been growing for several years now, as more and more systems become ‘connected’. It’s reasonable to assume it’s more a matter of time, than if, so the operators of such systems need to be fully cognisant of the potential risks and deploy all reasonable protection to minimise it.
“This includes preventing remote access to such systems, as well as real-time defences against DDoS attacks which could disrupt their operation or prevent legitimate access for operation and control purposes.”
Michael Fabien, Principal Consultant at Synopsys, said: “Any time new pathways to these systems are added, they must be properly secured based on their individual characteristics following a risk-based approach.” With the increase in risk, the opportunity for directed cyberattacks also increases. Potential attackers range from hobbyists to nation-states, disrupting infrastructure. Now, the actual risk versus the perceived risk is complete speculation and is about as difficult to predict as the next location lightning will strike. That said, the precedent for infrastructure disruption as a powerful means of attack has already been set globally.