10 Jan 2018 The Black Hat Wakeup Call – wait for a disaster or listen to the pros?
Black Hat and Dark Reading’s attendee survey from their recent 2017 Black Hat Europe event is a wake-up call to company stakeholders, boards, and information and operational security practitioners, yielding some significant findings about the perceptions of the current threat landscape. Survey participants were sourced predominantly from IT and security backgrounds throughout Europe, and the results cover a wide range of cyber-security concerns and defense capabilities. Black Hat’s goal was to gain insight into the state of cybersecurity in Europe, particularly the perception of threat. The survey’s findings shed light on the concerns professionals have about major breaches, and these findings should be considered a wake-up call for critical infrastructure.
Critical Infrastructure – the centerpiece
The most striking takeaway from the survey was that 77% of respondents “believe a cyber attack will breach critical infrastructure across European countries within the next two years.” In hindsight this is not unexpected, as we’ve certainly seen the number of cyber attacks against critical infrastructure grow both inside and outside of Europe. In the U.S., for example, cyber attacks on critical infrastructure such as power utilities and oil & gas have risen dramatically in recent years.
Equally interesting, this finding concerning critical infrastructure points to the threat emanating from a highly sophisticated source. The survey found that 32% of respondents believe that cyber espionage by major nation-states such as Russia and China poses the biggest threat to EU critical infrastructure.
These figures reflect a new reality that data networks are not the sole target of cyber attack; operational networks which enable the most basic public services also have become prime targets. Again, in hindsight it comes as no surprise to see these concerns front of mind for European security practitioners, after witnessing multiple high profile cyber attacks on industrial systems executed by neighboring countries over the past few years.
High impact threats
Another troubling finding was that 33% of respondents expect targeted attacks (sophisticated attacks aimed directly at the organization) to be the greatest concern in 2 years’ time. This includes 29% of top executives citing targeted attacks as their highest security concern. Targeted attacks and zero-day attacks are particularly worrisome for critical infrastructure as these types of attacks and malware can go essentially undetected for extended periods of time – leaving industrial control networks in a state of dormant compromise unbeknownst to the owners and operators.
Targeted ransomware appears to be an attack method that is increasingly economically viable for attackers, with critical infrastructure as the potential injured party. Critical infrastructure is a prime target as such infrastructures can affect large numbers of people, necessitating a quick resolution and possible pay-out. Recent attacks on hospitals in California and a major Canadian company led to a major pay-out to cyber criminals.
The cost of compliance
The final data point of interest in Black Hat’s survey is that 29% of respondents believe that compliance with industry and regulatory security guidelines consumes the greatest portion of IT security budgets, despite the fact that practitioners consider compliance a low priority. It’s clear that though professionals are aware of the cyber risks to critical infrastructure, they don’t feel they have the resources necessary to deal with them.
Unidirectional solution – 3 birds with one stone
There is no question that the issues and threats that surfaced in the Black Hat survey point to a general feeling of lack of preparation. However, that does not mean that the necessary defenses don’t exist. In fact, unidirectional gateway technology thoroughly addresses every one of these issues raised by the Black Hat survey: critical infrastructure, compliance, and ransomware. Unidirectional Security Gateways prevent remote cyber attacks, including targeted ransomware, by creating a physical, hardware-enforced barrier between operational networks and corporate networks. Critical infrastructure is absolutely protected from remote attacks, borne from nation states or otherwise. Additionally, unidirectional gateway technology reduces security and compliance operations costs, since many industry regulations, best practices, and guidelines in fact recommend unidirectional technology.
The implications of a major attack on critical infrastructure are indeed concerning, and InfoSec leaders expect that a “major” attack is imminent. This speaks volumes to the current European cyber security climate, which has evolved to this state over many years. Unidirectional Gateways have been deployed in Europe for most of a decade now, and will play a huge role in reliably defeating attacks and protecting public services at sites with the gateways deployed. The Black Hat survey is a wake-up call; let’s do something about it.