Security experts debate moving critical infrastructure online
Posted on 03 December 2012.
Paul Simmonds, Co-Founder of The Jericho Forum, has suggested that companies attempting to reduce costs by moving critical systems online could be opening themselves up to cyber attacks. Speaking at the Cybergeddon 2012 event, Mr Simmonds’ comments were echoed by other security experts – citing the discovery of highly advanced malware this year as a reason for greater caution.


This comes shortly after a researcher at security firm Exodus Intelligence discovered 23 vulnerabilities in industrial control systems from a variety of manufacturers, and the identification of further SCADA application vulnerabilities by Italian security company ReVuln last week.

Paul Davis, Director of Europe at FireEye has made the following comments:

The message is clear – when it comes to critical infrastructure, extreme vigilance is needed when taking the leap of faith into the online world, and cost saving cannot be the cause of any premature decision making. As our world becomes increasingly connected, with the internet controlling more aspects of daily life – the change needs to be reflected in the way that we think about security.

The security implications of Internet of Things are enormous, and are still widely misunderstood. However, while data loss and fraud are terrible outcomes of a breach, an intrusion on our control systems could have significantly more devastating consequences.

For SCADA systems in particular, it is essential that the security of the management platforms behind them is absolutely bulletproof – as any web-based attack on these systems would first have to penetrate this layer before moving on to the final target. As such, rapid detect and response solutions must be in place to thwart any threats immediately – and as evidenced by the calibre of malware being discovered today, traditional security tools simply do not go deep enough.

The rate at which international cybercrime is evolving has created a very steep learning curve for us all. GCHQ and other government organisations are doing a good job of publicising their efforts to boost collaboration, funding and overall cyber readiness initiatives – and hopefully with the right investment in the most appropriate defences, we will be well on our way to becoming a centre of cyber security excellence.





Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //