Intelligent CISO Issue 02 | Page 79

decrypting myths
expert James Lyne discussed the growing trend in malware and attacks that aren ’ t profit centred , as has largely been seen in the past , but are instead focused on disrupting Industrial Control Systems ( ICS ) and utilities .
Mr Lyne , who is a leading global keynote speaker on cybersecurity and cybercrime , including TED talks , with appearances on CNN , NBC and BBC News , said : “ Day to day the grand majority of malicious code has undeniably been focused on fraud and profit . Yet , with the relentless deployment of technology in our societies , the opportunity for political or even military influence only grows .
Johannes Ullrich , Dean of Research at SANS Institute and Director of SANS Internet Storm Centre
they are made by software developers . Patching hardware is a lot more difficult and often not possible without replacing entire systems or suffering significant performance penalties . Developers therefore need to learn to create software without relying on hardware to mitigate any security issues . Similar to the way in which software uses encryption on untrusted networks , software needs to authenticate and encrypt data within the system . Some emerging homomorphic encryption algorithms may allow developers to operate on encrypted data without having to decrypt it first .”
Malware and attacks disrupting ICS and utilities instead of seeking profit
Head of Research and Development at SANS Institute and top UK cyberthreat
“ And rare publicly visible attacks like Triton / TriSYS show the capability and intent of those who seek to compromise some of the highest risk components of industrial environments such as the safety systems which have historically prevented critical security and safety meltdowns .
“ ICS systems are relatively immature and easy to exploit in comparison to the mainstream computing world . Many ICS systems lack the mitigations of modern operating systems and applications . The reliance on obscurity or isolation ( both increasingly untrue ) do not position them well to withstand a heightened focus on them and we need to address this as an industry .
“ More worrying is that attackers have demonstrated they have the inclination and resources to diversify their attacks , targeting the sensors that are used to provide data to the industrial controllers themselves . The next few years are likely to see some painful lessons being learned as this attack domain grows , since the mitigations are inconsistent and quite embryonic .” u www . intelligentciso . com | Issue 02
79