Alastair Hartrup, Global CEO of Network Critical
The high-tech industry continues to create and innovate in the field of data communications and also data privacy and protection. There are billions of dollars spent on the research and development of new products and taking them to market. Then the private sector sells products to private customers, as well as government organisations, that can benefit from those products and services. The problem? The criminal sector seems to be creating malware at a faster pace than the private sector is developing defences.
Is that really the way it is going? Well, the answer may be the proverbial ‘yes and no’. In support of the argument that government is following, not leading, we have a United States GAO report that chides the Department of Homeland Security for being lax on creating and classifying critical cyber defence positions. The idea passed into law by the Senate in 2014, was designed to ensure that government organisations had the necessary tools in place to secure agency systems and to pass that information to the private sector as well. The GAO gave the DHS a 79% success rate for that task. This leaves many gaps and vacancies still open four years after the law was passed.
While a little slow with the execution, the good news is that DHS has now committed to acting on the GAO recommendations and boost its performance by June 2018. This will allow other government organisations, as well as private industry, to take advantage of this “template” for developing strong cyber defences.
In the meantime, however, hacks continue. A most recent surveillance phishing attack that originated from Beirut compromised Android phones in North America and Europe by sending links to a website that was controlled by the hackers, a group called Dark Caracal. The links contained surveillance malware that could steal data, take photos and spy on communication apps. This was not a sophisticated hack and the cover was blown by the hackers leaving cyber clues that allowed the malware to be traced to the Beirut group.
In the United States, thirteen Russian operatives have been indicted for attempting to influence the democratic election of a sovereign nation. The Russian plan was to use Bots and fraudulent social media identities to favour their preferred candidate over the other. The point here is that cybersecurity is not only to stop theft or infrastructure damage but also to defend against a foreign attack against a nation’s ideals as well.
Now let’s shift gears from an attitude of, “we know we have a problem and we are getting around to it,” to “we have a plan and are putting it into action.” The British government, according to a February report from the NCSC, has a plan to actively defend the U.K. against high-volume commodity cyber-attacks. The National Cyber Security Centre’s Active Cyber Defence Program plans to actively test and utilise cyber protection measures that it will propose to all government and private organisations. The plan is to prove the worth of various cybersecurity programs on in-house systems then report successful results for use by others.
As a result of this program, the U.K. has been able to reduce the number of phishing sites hosted in the U.K. by enlisting the cooperation of the hosting providers to take down the malicious operations. This sounds obvious but has been successful in cutting the U.K.’s share of hosted phishing sites almost in half.
Other cybersecurity initiatives being implemented by the U.K. program include using technology to cut down spoofed gov.uk addresses, a Web Check service the tests public sector websites for security issues, a public-sector DNS service that checks and blocks known malicious domains and other technologies to make spoofing more difficult. These services are deployed and proved on government systems, and then delivered in the form of guidance to the private sector.
This is a great example of a government actively taking the lead on protecting its citizens and organisations from cyber-attacks. The tech giants are also working in cooperation with governments and private organisations to help combat this growing problem.
Siemens, Airbus, Allianz, Daimler, NXP, SGS, T-Mobile and the Munich Security Conference outlined a new effort called Charter of Trust. The new effort, just unveiled last week, will seek to make cybersecurity an integral part of business and government philosophy. The basic goals will be to protect privacy, prevent harm to critical infrastructure and establish a reliable, trusted network for government and the private sector.
While all this great work is going on, it is important to understand that the privacy and security of your organisation and infrastructure are still firmly in your hands. There is great technology available today to help block and isolate malware attacks and to prevent the loss of valuable information stored on network servers.
As a foundation, every network should have Next Generation Firewalls (NGFW) that include intrusion prevention. Beyond that, there are specialised Data Loss Protection (DLP) devices that set policies to prohibit the download of information to devices without specific credentials. Other devices scan for anomalies in emails and other traffic that could be attacked masquerading as legitimate traffic.
These and many other specialised security and privacy protection devices can safely and simply be added to networks using TAPs and Packet Brokers. The TAPs provide a safe connection with fail-safe technology to keep networks available even if the security tools go offline. Packet Brokers have a variety of sophisticated features to help simplify deployment and effectively manage all these devices.
When developing a security architecture, it is best to include TAP and Packet Broker strategies in the early stages of planning. This allows a coordinated approach to deployment and management of the important tools necessary today that will keep your network safe and your information secure.
There are governments that choose to promote cybercrime. There are governments that are slow to adapt to the new realities of cybercrime. Thankfully, there are also governments that are leading the way in the effort to fight cybercrime. With a continuing private/public partnership, there is hope that the cybercrime fighting governments will make great strides in protecting the privacy of their citizens, securing their network infrastructure and leading their slower moving counterparts to the path of a globally trusted network.