The State of Global Cybersecurity Defenses In Critical Infrastructures

by JeffreyGwei, February 14th, 2021

Too Long; Didn't Read

The State of Global Cybersecurity Defenses In Critical Infrastructures is published by Jeffrey Neijenhuis. The author says that the shift from physical war to digital war is increasing and both secret services and public companies are having a hard time keeping up. Attacks like this are only increasing and there are countless stakeholders that have their own motivation to exploit vulnerabilities in our networks. Hot targets are energy processes & telecom providers (including the suppliers and logistics), public companies & top innovative industries, science & knowledge institutions, and international public affairs.


The world as a whole and sovereign countries individually are always facing all sorts of threats. Each region comes with its own challenges. Some islands, for example, will vanish completely due to rising sea levels and the changing climate. Some countries struggle with poverty, diseases, or a lack of fundamental human rights. Other countries, however, mostly underestimate how vulnerable they are to spycraft, espionage and cyberattacks.

Similar to how our climate changes over time by nature, as the world finds the balance she sees fit, so does spycraft. Though in this case, it’s not Mother Nature pulling the strings but leaders like Putin, Xi Jinping, Erdogan or Kim Jong-un. It is a different type of threat, just as dangerous but often invisible until it strikes or gets discovered, with the potential to impact big chunks of the population or economy.

The threat to democracies and competitive economic advantages

There is a serious ongoing threat to democracies because nation-states are becoming more assertive and egocentric. Motives range from national political and safety interests and financial-economic motives all the way to having a more powerful influence on foreign policies. Hot targets are vital infrastructures like energy processes & telecom providers (including the suppliers and logistics), public companies & top innovative industries, science & knowledge institutions, and international public affairs.

Different strategies have been used for centuries and are still being used, including physical and digital espionage, sabotage, military intimidation, foreign investments and acquisitions, and influencing debates or news online. The shift from physical war to digital war is increasing and both secret services and public companies are having a hard time keeping up.

Who are the bad guys?

If you live in China or Russia, it is speculated that you are being attacked as a citizen as well. Experts say that the Chinese and Russian governments spy through means of mass surveillance and censorship by the Great Firewall or manipulation through social media and state-owned media networks.

While having to deal with that, citizens are probably also being attacked at the same time by other nations, who are trying to keep up with Putin or Xi Jinping through counterespionage.

While the Russians and Chinese think their spies are heroes, the Americans and Dutch think highly of their spies too. It’s almost like a tactical game, but this one is very real, and there is no option for either side to pause or quit the game.

‘It doesn’t affect me’

At first, you may think espionage is only affecting some politicians or that spycraft can’t do much harm. Yet it is evolving like everything else around us. And it’s not just governments, it’s terrorists and lone wolves in their mom's basement too. Only a few days ago the news came out that the water system in a city in Florida was infiltrated by a computer hacker.

The hacker was able to increase the amount of sodium hydroxide in Oldsmar’s water treatment system to dangerous levels. Fortunately, this was reversed rapidly and no real harm was done. Outdated computer systems have vulnerabilities that can be used to cause serious injury to large populations. 

This is only one example of a US water plant, but it is no exception. The Netherlands is facing similar attacks daily. Just because we hear it in the news only every once in a while, doesn’t mean it only happens sporadically. Attacks like this are only increasing and there are countless stakeholders that have their own motivation to exploit vulnerabilities in our networks.

Attacking water plants or electricity networks has great implications if successful on a large scale. And even more so if it takes a long time to recover from it. Most families can manage to survive a few days without groceries, fresh water and electricity. But it does not take a long time before the riots start. Even shorter if all communication networks are down too.

Supply chain complexity

Besides critical infrastructure, supply chains specifically need to be protected from a wide variety of angles. Think of a large enterprise. Thousands of smaller companies and suppliers – who may only play a small role in the grand scheme of things – work with bigger companies who rely on them.

It is a fine balance between doing trade with China, which currently is inevitable, and imposing sanctions because of cyberattacks, espionage or stolen intellectual property. We're dependent on China, which is projected to overtake the US as the world's largest economy by GDP somewhere around 2028. We’ve all heard about potential espionage vulnerabilities through 5G cell towers from Huawei. But Chinese products are already deeply rooted in the critical infrastructure of many countries. Another example is the concern of potential espionage in the harbor of Rotterdam, as reported by news magazine FD on January 31, 2021.

The concern is about big scanners made for luggage and containers going through the biggest port of Europe. These same scanners are used in gates at airports or distribution centers too. It is one more way for China to keep an eye on not only their own citizens but the citizens and goods in the entire world. These scanners are supposed to be used to protect our national security and fight criminal activity, but should a partially Chinese state-owned company deliver critical parts of our national security? The United States already warned that the company has close ties to the Chinese army and many countries banned the scanners because of it, following the US example.

To be clear, there is no evidence Nuctech scanners indeed spied on goods being imported and exported. The data is supposed to remain in the harbor and is not connected with external digital networks. Still, safety and security experts, as well as politicians, are not confident enough to guarantee this will be the case forever, meaning the Chinese government may force a backdoor - if this is not already in place. Experts say we are too naïve, especially with the internet of things and emerging technologies like 5G ever-expanding.

Stuxnet: The US, Israel and The Netherlands against Iran

Ultimately, they are being naïve. There are enough historical examples of private networks – not connected to any other network – being infiltrated for espionage or for causing damage. One of the more fascinating stories is about how the United States and Israel managed to gain access to a nuclear power plant in Iran, and successfully took down critical parts of the system. The operation is known as Stuxnet and occurred in June 2010. Nine years later it turned out the United States and Israel were successful in their operation with the help of the Dutch intelligence agency ‘AIVD’.

The AIVD was able to recruit a mole who gathered sufficient information about the internal workings of the nuclear plant and its centrifuges before a USB flash drive was plugged into a computer, kicking off the attack. Not only did it make centrifuges self-destruct, but the plant had also been spied on despite being a completely private network thought to be untouchable. This is an appropriate example because who knows the internal workings and vulnerabilities of these scanners in Rotterdam better than the Chinese who partially own the company manufacturing them? It is delusional to think China isn’t able to cause significant harm or to steal a significant amount of information when it is of any benefit to them.

Working together

Only days after concerns about the Chinese scanners made headlines, three of the largest and most critical secret security services of The Netherlands came out with a new report on the current threats. They have published 33 pages and an infographic about how vulnerable we really are at the moment, specifically mentioning some well-known suspects.

The General Intelligence and Security Service (Dutch: Algemene Inlichtingen- en Veiligheidsdienst, AIVD), The National Coordinator for Security and Counterterrorism (Dutch: Nationaal Coördinator Terrorismebestrijding en Veiligheid, NCTV), and The Military Intelligence and Security Service (Dutch: Militaire Inlichtingen- en Veiligheidsdienst, MIVD) all warn of immediate digital threats, as opposed to physical threats, which are unlikely to happen in the next 2 years.

Beyond the funding

For this, the AIVD, MIVD and NCTV need, to start with, more funding. Recently France and the United Kingdom already increased their spending by 5 and 8 percent. Aside from funding, the Dutch have a comprehensive list of countermeasures.

The same needs to happen with secret services in other countries like the U.S., where the CIA, FBI, NSA, and at least a dozen other agencies make up the U.S. intelligence community. All these agencies are coming to the realization that they need to work more closely together, moving beyond basic information sharing, competing for budgets, and working with siloed and disparate systems of security services.

The realization is starting to kick in that they all have a better impact by working more closely together, which traditionally wasn't always the case. Whether you are in the United States, in The Netherlands, or any other country, there’s always some sort of internal battle between intelligence agencies for various reasons. This makes them weaker. Secret service institutions also know they need more intensive relationships with public and private companies and startups who develop interesting technologies and innovations. Mainly for two reasons:

1. How do public companies and startups protect themselves and their innovations against cyber attacks and espionage from other nations? Often they don't even realize they are interesting targets for attacks, like gene technologies, seed breeding, artificial intelligence, and other top industries. It is said that China steals a lot of innovation in its transition from a cheap labor and production economy to a knowledge economy independent from foreign technology. The Chinese are speculated to have lists of top industries in The Netherlands like semiconductor companies, sustainability innovators and other economic targets playing an important role in today's economy, and the future of the economy, for The Netherlands.

2. How can intelligence and security services leverage the technology being created by innovative public companies and startups? They need to be even more proactive in researching and using the latest cybersecurity solutions available. Innovative companies like U.S.-based Dragonchain are starting to gain traction by making strategic partnerships capable of not only protecting individuals but entire nations with a digital fortress. China is heavily investing in quantum, 5G, artificial intelligence, blockchain and other emerging technologies.

The rest of the world has an obligation to stay ahead or to keep up; otherwise, China will be in control of the technological products, services and standards of the future.