Intelligent CISO Issue 9 - Page 44

industry unlocked

Shay Nahari, Head of Red Team services, CyberArk

Hacks to our critical national infrastructure (CNI) – including utilities like water and energy supplies, which countries require to function on a daily basis – have become a major cause for concern in the last 12 months. Shay Nahari, Head of Red Team services, CyberArk, outlines the steps that need to be taken to manage the credentials that provide access to and control over such critical national infrastructure and ensure they remain secure.

Cast your mind back to December 2017. You may remember reading how hackers managed to close down industrial operations at a petrochemical plant in the Middle East using a form of malware called Triton.

At the time this attack did not appear to represent a watershed. However, in the last 12 months attention has turned to how hackers with malicious intentions could seize control of the critical infrastructures of cities and nation states, including systems managing national resources such as energy and water supplies.

Recent research published by IBM, for example, discovered 17 zero-day vulnerabilities in the smart systems governing various critical city infrastructures, including in flood defences, traffic monitoring systems and radiation detection. The research team specifically warned that a hacker could easily manipulate emergency systems to get rid of protections or dissemble alerts designed to warn people of catastrophic events.

The security threat to our critical national infrastructure (CNI) is abundantly clear. But the threat goes beyond research – it is a tangible reality and there are already many concerning examples which require analysis. Previously, one of the more prominent examples was Stuxnet, the malware which famously infected an Iranian nuclear plant and caused its uranium centrifuges to fail.

But, more recently, the erroneous missile strike alerts in Japan and Hawaii, which caused substantial civil disruption, have drawn attention. Given the critical nature of the alerts, they should serve as a call to immediately evaluate the cybersecurity procedures used to safeguard these emergency warning systems.

Employee error and puzzling passwords wreak havoc

But how exactly did these breaches come about? One emerged from a supposedly ‘innocuous’ source, as it turns out.

In the case of the fake Japanese and Hawaiian missile strikes, both alerts can be attributed to employee error. In the Hawaii case specifically, the false alarm was sent out via Twitter. This case was exacerbated by the fact that the governor forgot his Twitter username and password and could not log on to reassure the public fast enough.

As social media becomes an ever more crucial medium to communicate with the general public and CNI attacks potentially begin to grow in prominence, all government officials who use social media for emergency communications must immediately review how they are managing these accounts to eliminate the chance that a forgotten password could delay the relaying of important information. Reviews must also make sure that social media platforms such as Twitter, for example, are hardened