SecurityBrief Asia logo
Story image

Exclusive: How nation-state attacks impact businesses

13 Aug 2018

With tensions between global superpowers rising, cyber attacks have become a new frontier for governments to gain an advantage over one another.

SecurityBrief spoke to PAS Global CEO and industrial cybersecurity veteran Eddie Habibi about nation-state attacks, the motivations behind them, and how organisations get caught in the crossfire.

How do nation-state cyber attacks affect businesses?

Nation-state cyberattacks pose a significant risk to businesses, ranging from theft of high-value intellectual property (IP) to complete shutdown of operations and irreparable damage to brand reputation.

Nowhere is this risk more prominent today than in critical infrastructure.

A cyber attack on the digital industrial control systems that enable safe operations can be manipulated to cause physical damage to a process, power, or manufacturing plant.

What form do these attacks usually take?

Nation-states have shown a great deal of interest in attacking the institutions and industries that define the strength of a nation.

That includes everything from manipulation of social attitudes about hot political topics to the disruption of electricity services by shutting down the power grid.

What are the typical motivations of a nation-state attack?

While it is difficult to speculate the exact reasons for any single nation-state attack, it is generally recognised that cyber attacks are a new, inexpensive, and stealth weapon of choice that can potentially cripple an economy and create chaos in a sustained multi-channel attack.

At this stage, I believe most nation-states are hard at work developing both offensive and defensive cyber weapons as a means of survival for the inevitable.

What can businesses do to prepare for the impact of such attacks?

Businesses must take a strategic approach to cybersecurity, especially in the critical infrastructure.

While being wary of the hype, businesses must also recognise that the Pandora’s box has been opened and there is no turning back.

A robust cybersecurity strategy, especially for operational technology (OT) assets, starts with industrial endpoint protection.

At the heart of endpoint protection is configuration security management.

Configuration security includes establishing an accurate and complete inventory of control system assets, identifying and addressing known vulnerabilities, institutionalising a strict management of change process, and securing an evergreen backup.

This is known as foundational security.

The rest of the security stack includes anomaly and threat detection, firewalls and access control, antivirus and more.

What are common misconceptions businesses usually have about these attacks?

The greatest misperceptions about cybersecurity risk associated with industrial control systems (ICS) include:

  •  my ICS is “air-gapped” (not connected to the Internet) and therefore secure;
  •  traditional IT security protection measures are adequate for protecting industrial control systems (ICSs)
  •  and most concerning is, IT alone, without the close involvement of OT experts, can solve the problem
Story image
Attivo Networks expands Active Directory suite for greater protection
"We see Active Directory exploitation used in the majority of ransomware, insider and advanced attacks. We are pleased to now offer our customers early and efficient solutions for preventing the misuse of Active Directory.”More
Story image
Egnyte ensures greater security across Microsoft 365 with latest integrations
The new integrations are aimed at helping mid-sized organisations prevent data loss, address a growing number of regional privacy regulations, and simplify the overall management of content with minimal administrative overhead.More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More
Story image
Video: 10 Minute IT Jams - SonicWall VP on the cybersecurity lessons learned from the last 12 months
This is our seventh IT Jam with SonicWall, the cybersecurity company specialising in firewall, network security, cloud security and more.More
Story image
FortiGuard appoints former cyber warfare officer
Former RAAF cyber warfare officer Mark Robson has been appointed as senior tactical threat analyst in FortiGuard’s managed detection and response team, FortiResponder.More
Story image
5G network security a US$9 billion dollar opportunity - report
The cloud-native nature of 5G networks will have a disruptive and positive impact on the cybersecurity industry in the next few years, with 5G network security presenting a US$9 billion enterprise market opportunity by 2025.More