Different continents point to similar concerns
The Black Hat Asia 2018 attendee survey polled IT and security professionals from 12 East Asian countries, Australia and elsewhere, asking about the threats and challenges they are most concerned with, the attacks and attackers they fear most, as well as their cybersecurity posture. The main takeaway from the survey is that security professionals across the globe are reaching a growing consensus, sharing a high level of concern over targeted cyberattacks and potential breaches of critical infrastructure. The same concern was echoed in the previous BlackHat survey that polled European security professionals several months ago, leaving no room for interpretation – targeted cyber security threats are security professionals’ next frontier, and they are becoming global.
The Asian survey revealed the following top three pain points:
- 67% of the respondents believe that a successful cyber attack affecting the critical infrastructure of multiple Asian countries will occur in the next two years
- 56% of security professionals confess that their greatest concern is sophisticated cyberattacks targeted directly at their organization
- 29% reported that their organizations’ security spending is consumed by compliance costs
Just as we saw with the BlackHat Europe Survey, cyber attacks on critical infrastructure, targeted attacks and compliance costs are also the main three concerns expressed in the Asia survey outcome. In our three birds in one stone post, we analyzed these concerns and explained how deploying Waterfall Unidirectional Gateways address these three issues. This post will be focusing on the other findings surfacing from the Asian survey: the top 3 feared attacks to critical infrastructure, and cyber espionage by large nation states.
How to reliably defeat the top three cyber threats to critical infrastructure
When asked about the type of cyber attacks that threatened them most, operational sabotage and data theft came in fourth. This is a clear change in perception, realizing that when protecting critical infrastructure, operational sabotage is a much greater concern than IT data theft or sabotage. The undesired consequences of an OT breach can result in plant shutdown, equipment mis-operation, financial loss or even in an environmental catastrophe and loss of human lives. The top three types of cyber attacks Asian security professionals fear the most are:
- 56% fear sophisticated attacks aimed directly at the organization,
- 46% fear phishing, social network exploits, or other forms of social engineering, and
- 26% fear polymorphic malware that evades signature-based defenses.
This correlates with another major concern; that 38% of respondents perceive that the weakest links in the enterprise are end users who violate security policy and are too easily fooled by social engineering attacks. Even with the most sophisticated software and firewalls, security practitioners cannot guarantee the cautious behavior of every end-user in an organization. Since security is only as strong as the weakest link, this is an unacceptable scenario when protecting industrial control systems and assets.
Most feared cybersecurity threat actors to Asia’s critical infrastructure
Narrowing back to the Asia BlackHat survey results, 56% of the respondent believe their country’s critical infrastructure is under the risk of attacks from the following sources:
- 23% Cyber espionage by large nation-states
- 21% Potential attacks by organized crime
- 10% A potential attack by a terrorist organization
- 2% A potential attack by a single nation
It is no secret that today, every nation that prioritizes national defense has already set up, either officially or unofficially, a cyber unit. Data theft and espionage are age-old practices. Recent disclosures by the US DHS caution that widespread cyber espionage attacks on critical infrastructure control systems appear to be gathering enough information about those control systems to shut them down in times of conflict. When it comes to national infrastructure, especially among countries along the contested “nine line” border of the South China Sea, this risk is even more grave. Cyber-related activities by hostile or even allied nation-states are a growing concern among InfoSec professionals, as these breaches are perceived to be nearly impossible to defend against in IT-style, firewalled control systems.
How unidirectionality quells fears
A Unidirectional Security Gateway however, integrates control system and IT networks safely and reliably, while reliably defeating malware, stolen passwords and other exploits of IT users’ (un)accountable behavior. Deployed to enable IT and Internet-based monitoring and data processing without risk, a Unidirectional Gateway transmits information in one direction only – from a control network to an IT network – and, unlike firewalls, is physically incapable of transmitting any attacks back into the protected network. This network architecture provides absolute protection to control systems and industrial control networks from attacks emanating from external, less-critical networks.
To learn more about how Unidirectional Gateways defeat even sophisticated cyber attacks, download our top 20 cyberattacks for ICS whitepaper.