24 May 2022

Four Critical Risks To Watch As Experts Predict A Cyber Cold War

Steve Piper

In a backdrop of global geopolitical instability, cyber expert Nicolas Chaillan, the former chief software officer for the U.S. Air Force and Space Force, recently noted that the world has reached a point where cyberspace is approaching a modern cold war.

Chaillan, the ex-Air Force software chief famous for resigning because of the way the Department of Homeland Security procrastinated in implementing zero-trust security controls, warned that a powerful nation-state adversary could wreak havoc for organizations all over the world. Some key cyber risks that have infosec experts particularly worried include attacks on critical infrastructure, software supply chain threats, satellite security and disinformation.

In this article, I’ll briefly assess each risk to give the reader a high-level view of the cyberthreat landscape.

Critical Infrastructure

Regarding the resilience of America’s critical infrastructure, Chaillan delivered the most chilling assessment to date. In the Fox News interview, Chaillan said that the current state of critical infrastructure security in the U.S. is “at a kindergarten level.” Chaillan highlighted alarming cyber vulnerabilities in the U.S. that other experts have pointed to as well, such as the power grid, water facilities and “pretty much all powering our economy.”

Supply Chain Security

The anti-fragility of supply chain IT is another area of grave concern. Some recent examples of this risk include Microsoft exchange breaches of 2020 and, even more nascently, the Log4Shell remote-code-execution (RCE) flaw uncovered in Apache’s Log4J JavaScript logging utility by an Alibaba researcher last November.

While hacks like the one involving SolarWinds and other companies have enabled threat actors to compromise the IT systems and surveil the internal communications of nine federal agencies, the Log4Shell RCE received the National Institute of Standards and Technology’s most severe risk rating. Cybersecurity experts have almost unanimously labeled Log4Shell the most catastrophic IT vulnerability in recent history, given how deeply embedded Log4J is in software supply chains.

Satellite Risk

Satellites present another devastating attack vector. For one, satellite hacks could be a “casus belli,” or an act of war. Secondly, a satellite hack, beyond potentially enabling a threat actor to exfiltrate or obfuscate sensitive geo-spatial data, could also sabotage power grids, cloud storage, air traffic, financial transactions, location-based services, ATMs and any modern communications that rely on satellite networks. In short, the disruption of space-based services could be catastrophic.

Disinformation

The last threat to be on alert for is an all-too-familiar one by now: disinformation. In war time, propaganda is inevitable from all opponents. Every government and military deploys this method when national security is on the line.

Today, the weaponization of artificial intelligence and generative adversarial networks (deep fake videos) has experts particularly spooked. Despite the development of technology that can detect AI-constructed videos and images, the concern is that a nation-state actor could deploy a synthetic video capable of subverting advanced detection systems.

What The Future Holds

In today’s geopolitically volatile environment, echoes of the animal spirits that plunged the world into a full-blown global conflict a century ago abound. From a devastating respiratory pandemic, economic turbulence and the increasing shakiness of the world’s reserve currency propelling paradigm shifts in the global world order, there are striking parallels to the conditions that spawned both WWI and its sequel.

The difference today, of course, is a cluster of nation-states with mature, weaponized nuclear capabilities and cyber ones as well. Not to be overlooked, however, is the threat of cyber-enabled financial warfare. While attacks on our core financial market infrastructures are obviously a matter of grave concern, at least the financial sector has been more diligent about hardening its security posture and adopting zero-trust controls.

Organizations need to figure out how to mitigate these cyber risks. One important way to do so is to approach enterprise information security from the vantage point of zero trust. While some nascent vendors are addressing some of the underlying network-access concerns raised by zero-trust practitioners via more cautious user-privilege provisioning controls that mitigate unauthorized lateral movement in business IT environments, it’s important to remember that zero-trust security is more of a strategy than a technology.

At its core, zero trust is about treating every data packet, connection, network request, invoice submission, employee message and user—including those who are known to the network—as suspicious. During the pandemic, the technological impact of this paradigm shift on enterprises has been evident in their accelerated migration away from virtual private networks (VPN) toward software defined perimeter (SDP) solutions, for example.

No comments: