Cybersecurity 2019: Connectivity
By: James Azar
We are now dependent on instant and constant connectivity in both our commercial and personal lives. From fiscal transactions to Facebook, being connected on the internet dictates the efficiency with which we run our business, social relationships and our personal households.
The problem is that if someone were to suddenly ‘pull the plug’ we have no idea where to go from here.
In the same way that residential properties have back-up generators, we need some kind of back up for the internet. An increasing number of cyber attacks are focused exclusively on crashing systems, disrupting flow and creating breaks in service supply.
We need a disaster recovery plan.
A serious one, which means having plans that work beyond the short-term solution of employees working from home.
This type of plan fails to recognize that without connectivity, long distance work continuation is still easily disrupted and key individuals can and will be targeted. Not only that, but it ignores the bigger issues and for that, we can run through different types of attacks.
Types of Outage Attacks
Attacks take many forms:
The physical –such as cutting cable lines, real-world “hacking” which is an even bigger problem when it’s at sea and possible repairs take much longer.
DDos distributed denial of service (DDoS) attacks - that utilize botnet armies to misdirect internet addresses and routes.
Attacks on IoT – Encrypting data can take place on any device and the average ransoms for data increases yearly by hundreds of dollars. The ISF along with others believe that cybercriminals will respond to the increasing market of IoT by focusing their efforts there.
The huge interest in these types of attacks stems from the potential of terrorists to use it to do more than disrupt day-to-day business, but to remotely shut down vehicle parts and medical implants.
Planned internet outages can hold commerce hostage.
The International Security Forum (ISF) forecasts that in the very near future, and for socio-geopolitical reasons, cyber criminals will find as many ways as they can to cause widespread disruption, at local and regional levels – and the pattern continually re-emerges in the headlines, worldwide.
Who is on the hit list for Outage Attacks?
- Businesses for competitive reasons and the possibility of ransom.
- Government organizations are legitimate targets for ransoms and to simply create social chaos. Even the police department, rely on connectivity for communications.
- Private banks as they hold so much important information.
The most basic of first steps would require:
- Reacting to the outage attack requires a multi-pronged approach from various government departments.
- Individual Companies will have to reduce/mitigate attacks risks that could occur frequently.
The larger steps and further recommendations are :
- Be in contact with all relevant partners to negotiate alternative methods of communication if there is an internet outage
- Develop contingency plans with various local and regional industry colleagues for real and achievable strategies for when the internet drops.
- Does your communication provider have a strategy for an outage?
- Keep all systems updated '
- Have mandatory minimum-security requirements for IoT devices.
- Incorporate IoT-related ransomware training into your workplace.