It is time to address those cyber insecurities – The Economic Times

Clipped from: https://economictimes.indiatimes.com/opinion/et-commentary/view-it-is-time-to-address-those-cyber-insecurities/articleshow/88622620.cms

Anil Nair

Former managing director, country digitisation, Cisco APJC

India encountered 87 million data breaches in 11 months in 2021, the third highest in the world, according to a study by virtual private network (VPN) security company Surfshark. The US and Iran fared worse, registering 212 million and 156 million breaches, respectively. 953 million accounts were reportedly breached in this period, affecting 1 in 5 people globally.

In April 2021, the networks of Colonial Pipeline in the US were hacked by remotely accessing a defunct VPN account, using a leaked password. Days later, a note demanding ransom in cryptocurrency appeared. For the first time in its 57-year history, Colonial, which transports 2.5 million barrels of fuel daily, shut down its 29,000-mile pipeline as a precaution. The company’s IT system had been broken into. Fortunately, the system that controls gasoline flow, the adjacent operational technology (OT) network, wasn’t. DarkSide, hackers with known Russian affiliations, stole 100 gigabytes of information, and reportedly coerced a ransom of $4.4 million. For a short interval, US oil logistics had been crippled.

By 2025, OT environments are expected to be weaponised, being relatively more vulnerable, built as they were decades ago. While IT attacks steal data, OT attacks can cripple pressure sensors, valves and motors, even entire industrial control systems, causing equipment malfunctions, forcing facility shutdowns and triggering explosions.

Other high-profile attacks in 2021 include the one on Brenntag, a chemical distribution company with 17,000 employees across 670 sites, also by DarkSide. Their ransom demand was reportedly negotiated down to $4.4 million. US travel company CWT Global saw 30,000 computers and 2 terabytes of data, comprising financial statements, personnel records and security documentation, compromised. The ransom given to the Ragnar Locker gang was reportedly $4.5 million.

Forbes, quoting a cyber expert, predicts a new attack every two seconds, and estimates ransomware costs at $265 billion by 2031. Apart from ransom costs, remediation, restoration, brand erosion, productivity loss, forensic investigations, PR and confidence rebuilding costs could add up to many times that number.

With cloud computing, the security perimeter has changed dramatically. The expanded threat surface includes end-user hardware (smartphones, laptops, desktops, etc), physical networks (routers, switches, cabling, etc), storage, servers, operating systems, programming middleware and applications. It embraces OT systems and healthcare, banking, logistics, transportation and energy infrastructure, transcending borders.

Transportation and logistics providers comprising road, rail and sea carriers are susceptible owing to the increasing use of sensors for tracking asset health and movement, the use of online platforms and phone apps for automated orders, shipment tracking, warehousing and customer information. Air traffic is a particularly critical area owing to legacy systems and safety and security considerations.

Healthcare companies, including pharma, device manufacturers and hospitals, have a lot of proprietary information they need to protect – about patients, trials, safety and outcomes. Information about manufacturing, distribution, platforms, implants and drug dispensers is equally important. Radio-enabled pacemakers are markedly susceptible.

The energy sector is at risk because of unique interdependencies between physical and cyber infrastructure. Apart from stealing customer information and billing fraud, threats abound across the value chain, including generation, transmission, distribution gear and smart devices. Vast geographical coverage, complex machinery, legacy systems and organisational complexity compound the issue.

The situation in financial services is best illustrated by the Carbanak coordinated attacks against multiple banks in 2013. Employees clicking on phishing mails opened a backdoor through which credentials were stolen. Then the admin system was identified and cash transfer system behaviours were mimicked. The blitz allegedly happened in Russia, the US, Germany, China and Ukraine.

In India, the nodal agency for cyberthreats is the Computer Emergency Response Team (CERT-In). Alarmed by the increasing sophistication of attacks, GoI has announced the setting up of a specialised, unified cybersecurity task force, to operate in concert with CERT-In. And to augment online intrusion detection, the National Internet Exchange of India (Nixi) will put up 65 new internet exchanges across India by March 2022.

Organisations must step up by recognising the problem at the board level and levels below, assessing risks and allocating adequate resources to protect digital assets. They should get expert help to create a holistic plan, applying threat intelligence and analytics, and building comprehensive monitoring dashboards. They should also ensure diligent execution, getting IT, OT, risk and cyber professionals to work together seamlessly. ‘Zero Trust’, a deliberate approach that eliminates implicit trust and validates every element and step of digital interactions, is a great starting point.

The writer is former managing director, country digitisation, Cisco Asia Pacific, Japan and China (APJC)
