We have all read how frequently enterprise networks have been compromised using different entry vectors, tools or system loopholes. The question that arises is why public and private enterprises have not adopted more robust strategies to counter these intrusions. The fact is, cyber intrusions are complex to forecast or eliminate, and the human intentions behind them (insider threats) are hard even to understand. The cyber landscape is ever evolving: a network needs to be reconfigured, systems have to be upgraded, vulnerable applications should be upgraded or deleted, employees need to be (re)trained on cyber hygiene, servers need to be reconfigured with advanced AI-assisted IPS/IDSs, or passwords need to be strengthened. There is never a one-size-fits-all solution to cyber attacks. Thus, the emphasis is on reducing rather than mitigating hacks.
The COVID-19 pandemic has exacerbated the issue by compelling companies to adopt remote working environments without any stringent cyber controls. Employees pull resources from companies' servers using single-layered VPN tunnels that are somewhat limited. These changing cyber landscapes have resulted in multiple hacks of PII, loss of proprietary information and business secrets, not to mention leaks of government systems, operations, processes or personal information of officials.
Critical sectors like education, energy, health, transportation and communication, on which we depend daily, have become frequent targets of APTs resident in adversarial nations like China, Russia, Iran and North Korea. To understand the magnitude of the problem, it is worthwhile to review how these hacks impact the sixteen critical sectors outlined by CISA:
- Chemical sector
- Communication sector
- Dams sector
- Commercial facilities
- Critical manufacturing
- Defense Industrial base
- Emergency services
- Energy sector
- Financial services
- Food and agriculture
- Government facilities
- Healthcare and public health
- Information technology
- Nuclear Reactors, Materials
- Transportation Systems
- Water and Wastewater sectors
The wellbeing of the nation and citizens' daily livelihood are intricately linked to each of the above sectors. By inference, cyber hacks targeting any of these sectors directly impact the national security of the United States, and the same could apply to other developed and developing economies. The next relevant question is whether the United States and its allies and partners should push the United Nations General Assembly to adopt a Global Regulation Against the Hacking of Critical Infrastructures (GRAHCI). Such a move could reduce the increasing prevalence of cyber attacks against these sectors.
Author - Elisha Ngwana, DSc Cybersecurity student