Shay Nahari, Head of Red Team services, CyberArk
industry unlocked
Hacks to our critical national infrastructure (CNI) – including utilities like water and energy supplies, which countries require to function on a daily basis – have become a major cause for concern in the last 12 months. Shay Nahari, Head of Red Team services, CyberArk, outlines the steps that need to be taken to manage the credentials that provide access to and control over such critical national infrastructure and ensure they remain secure.

Cast your mind back to December 2017. You may remember reading how hackers managed to close down industrial operations at a petrochemical plant in the Middle East using a form of malware called Triton.

At the time this attack did not appear to represent a watershed. However, in the last 12 months attention has turned to how hackers with malicious intentions could seize control of the critical infrastructures of cities and nation states, including systems managing national resources such as energy and water supplies.

Recent research published by IBM, for example, discovered 17 zero-day vulnerabilities in the smart systems governing various critical city infrastructures, including in flood defences, traffic monitoring systems and radiation detection. The research team specifically warned that a hacker could easily manipulate emergency systems to get rid of protections or dissemble alerts designed to warn people of catastrophic events.

The security threat to our critical national infrastructure (CNI) is abundantly clear. But the threat goes beyond research – it is a tangible reality and there are already many concerning examples which require analysis. Previously, one of the more prominent examples was Stuxnet, the malware which famously infected an Iranian nuclear plant and caused its uranium centrifuges to fail.

But, more recently, the erroneous missile strike alerts in Japan and Hawaii, which caused substantial civil disruption, have drawn attention. Given the critical nature of the alerts, they should serve as a call to immediately evaluate the cybersecurity procedures used to safeguard these emergency warning systems.

But how exactly did these breaches come about? One emerged from a supposedly ‘innocuous’ source, as it turns out.

Employee error and puzzling passwords wreak havoc

In the case of the fake Japanese and Hawaiian missile strikes, both alerts can be attributed to employee error. In the Hawaii case specifically, the false alarm was sent out via Twitter. This case was exacerbated by the fact that the governor forgot his Twitter username and password and could not log on to reassure the public fast enough.

As social media becomes an ever more crucial medium to communicate with the general public and CNI attacks potentially begin to grow in prominence, all government officials who use social media for emergency communications must immediately review how they are managing these accounts to eliminate the chance that a forgotten password could delay the relaying of important information. Reviews must also make sure that social media platforms such as Twitter, for example, are hardened

Issue 09 | www.intelligentciso.com