Express Computer
Home  »  News  »  ‘Critical national infrastructure is a tempting target for cyber threat actors’

‘Critical national infrastructure is a tempting target for cyber threat actors’

2 703

California based cybersecurity company CrowdStrike effectively tackles the most modern-day and malicious cyber threats.  Mike Sentonas, VP Technology,  CrowdStrike, claims that none of the establishments which are under Crowdstrike shelter, fell to prey to any internet crime. In an interaction, Sentonas shares more about the company and how it is geared up for the Indian market. Edited excerpts.

What are the cyber security industry trends- globally and locally?

The findings of the 2019 CrowdStrike Global Threat Report points to the escalating activities of nation-state actors and global eCrime actors across all targeted industries. Some notable trends identified include:

  • The continued rise of “Big Game Hunting,” the practice of combining targeted, intrusion-style tactics for the deployment of ransomware across large organisations.
  • Increased collaboration between highly sophisticated eCrime threat actors. The use of geo-targeting to support multiple eCrime families was observed through a variety of tactics.
  • Industries at high risk for malware-free intrusions include media, technology and academia, highlighting a growing need for defenses to be strengthened to safeguard against more sophisticated, modern attacks.
  • Several targeted intrusion campaigns by China, Iran and Russia focused on the telecommunications sector was identified over the past year, likely in support of state-sponsored espionage activities. Subsequent lures to drive more effective social engineering campaigns also resulted in compromised telecom customers, including government entities.
  • There is increasing operational tempo from China-based adversaries, which is likely to accelerate as US-China relations continue to be strained.

As for India, PWC points out that Privacy and personal data protection will be a key focus area for organisations in order to align themselves with the Personal Data Protection Bill. Machine Learning (ML)/Artificial Intelligence (AI) will become a cornerstone of organisations’ digital defence. With the focus on Smart Cities across India, IoT security will become a focus as regulators work to secure critical infrastructure and as cloud adoption continues to grow in 2019, efforts to protect sensitive data stored in the cloud will multiply.

What issues and challenges does India face today when it comes to cybersecurity?

Digital India is a significant opportunity that can generate huge economic value for the country. Cyber attacks, however, remain a significant risk, and major incidents over the last 12 to 18 months have demonstrated inadequate protection in a number of organisations across India.  While the true impact is hard to measure without widespread breach notification reforms, the publicly disclosed incidents highlight the gravity of cyber security challenges.  As India is aggressively building its digital economy, cyber security needs to become a critical phase in the design process.

Basic hygiene remains a significant challenge, with numerous cases reflecting patching deficiencies that have led to significant breaches.  Attackers are finding it easy to exploit vulnerabilities that have not been mitigated with patches, which at times have already been available for a significant amount of time. This is a pressing issue in India: Ransomware, as an example, has been a growing problem with attackers today using the EternalBlue vulnerability from 2017.  Hygiene is simply a critical requirement every organisation needs to focus on – think of it as a low-hanging fruit that deters attackers from having an easy way in.

Additionally, in late 2018, Microsoft tests showed that 91 per cent of new PCs from India were loaded with pirated software, and this is also a pressing issue.

Whilst spending on security in India is growing, India remains a very price sensitive market—this means a number of organisations in India are under-prepared to face today’s cyber attacks, given the significantly low level of security spending outside large Indian multinationals.

All companies are placed in a difficult position when giving access to corporate data, but small and medium businesses are especially vulnerable to data breaches and cyber attacks? How do you think this situation can be tackled?

A lot of small and medium businesses don’t see themselves as a target— they believe that their cyber security is good enough and that they don’t have anything of value to a cyber attacker. Adversaries love to focus on small and medium businesses as a result, viewing them as a softer target lacking robust cybersecurity infrastructure.

SMBs unfortunately have the perception that tackling cybersecurity challenges is expensive. This is far from the truth, as there are pragmatic measures SMBs can implement to secure the organisation— which do not necessarily involve buying technology and which do not really cost much. These are around basic user awareness, patch management and hygiene, doing basic things like keeping your operating system up to date—a feature in every operating system. By turning updates on and rolling out new operating systems or application patches, organisations can be assured of the remediation of vulnerabilities and insecure configurations. Multifactor authentication is also crucial—as this ensures that a scammer does not easily get access to credentials.

Cyber attackers are well-funded and technically advanced. Their attacks pose a threat to national initiatives such as Smart Cities, E-Governance, and digital public identity management. Government and military organisations and other businesses store and process significant volumes of confidential data, regularly transmitted across networks, thereby increasing their exposure to cyber threats. How do you think these can be addressed?

Critical national infrastructure, including government services and defence, is becoming an increasingly tempting target for all kinds of malicious actors.  There are three main motivations for attacking critical national infrastructure: disruption, financial gain, and espionage, and these motives can apply to all kinds of attackers, from nation states to individuals.

At the moment, most of these infrastructure attacks seem to have been perpetrated by nation states, but it is easy to see how other actors could attack the same targets.

With threat actors utilising increasingly sophisticated attack methodologies, organisations can no longer rely solely on traditional antivirus (AV) software in their security estate. Traditional AV software are capable only identifying known virus families, and is therefore vastly ineffective at spotting new strains or families of malware. Organisations must invest in capabilities that can detect attacks through means other than their unique “fingerprint”. These capabilities identify threats based on abnormal behaviour– such as sending large volumes of email or trying to access or alter files – rather than relying on spotting known virus signature.

Another key attribute of every modern security estate is the ability to monitor indicators of attack (IoA), such as code execution or suspicious process, which can potentially identify imminent attacks before they have even occurred or even before its formal identification as a cyber threat.

How are AI and ML used in cybersecurity?

Artificial intelligence and machine learning have a critical role in cybersecurity.  Effectively used, AI can better detect new and unknown threats in real time,  providing higher efficacy levels to protect organisations. The sheer number of attacks seen on a daily basis is beyond the capability of traditional signature-based detection.  Many of the attacks that have devastated organisations over the last few years are simply due to failed detections. While improving the ability to detect new threats, AI and ML alone do not simply fix the cybersecurity challenge. Having comprehensive endpoint protection – not only including AI and ML but also offering exploit prevention and behavioural analysis – should be an integral part of any solution used in organisations.

Get real time updates directly on you device, subscribe now.

2 Comments
  1. guest posting sites list says

    Hi

    I need post on your site ; https://www.expresscomputer.in/
    Tell me What is your post price.

    Waiting for reply.
    Please reply me here is my id.
    [email protected]

    Thanks.

    1. Salil Sule says

      Kindly write to [email protected]

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image