This time of year there’s a lot of buzz about cybercrime. People are shopping online even more frequently, zipping credit card and other personally identifiable information from shop to shop on a second-by-second basis. If these people don’t take logical precautions against cybercrime, there’s a possibility that they could fall victim to an attack. That would be horrible! The effort, cost and fear that come from being a victim of a cyberattack take their toll on people.
But bigger, scarier dangers loom on the internet.
Critical Systems and Cybercrime
In today’s world, it’s not just retail sales that are managed by computers. It’s everything! From how the electric company monitors usage to how food is routed from one location to another, every aspect of our lives involves computers with a connection to the internet. And, where there are connected devices, there is the threat of cybercrime.
Certainly, businesses understand their own critical systems. They understand which components of their network simply cannot fail in order for them to stay operational. But, as a society, we also depend on a series of systems to stay alive and well. Think about:
- Medical care
- Public safety (police, fire brigade, etc.)
It really isn’t overstating it to say that our entire way of life is dependent on computers and their connection to one another via the internet. Imagine what would happen if cybercriminals gained access to these critical systems.
Is This Fear Mongering or Reality?
While this might sound like the “stuff of science fiction movies,” the threat is quite real. In mid-November, a hospital in Fürstenfeldbruck, Bavaria became unable to accept patients by ambulance after their systems were attacked. The attack shut down more than 450 computers systemwide and was traced back to a single employee who had opened an email attachment with a virus in it. Fortunately, no one was injured during this situation and the hospital was able to continue treating existing patients without computer access.
In August, Saudi Arabia had a scare. A petrochemical plant was attacked. The attack was designed to cripple the company and cause an explosion. Fortunately, there was a coding error that prevented the explosion from occurring.
In 2016, hackers managed to gain access to a water treatment plant. They accessed millions of customer records, but even more disconcerting is the fact that they were able to adjust the levels of chemicals being used to treat the drinking water. While, in this case, the intent was not to physically harm people, clearly the capability to do so exists.
It’s frightening to think about the fact that hackers could upend the world we know. Supply chains disrupted or dismantled. Entire populations poisoned or harmed. Medical and other services brought to a standstill.
So, how do we protect ourselves?
Unfortunately, there is no simple answer to that question. Layered security practices that include clearly defined processes, technical preparation, education, and swift incident response are the keys to protecting our critical systems – just as they are to protecting the critical systems of your business.
Processes. Accept that cyber threats are out there and examine all security-related processes. Know what to do, who to involve and how to proceed should an attack occur. Document the processes and workflows – both those for mitigating threats and those for responding to attacks. Map out your processes now to save precious minutes later on: the shorter a breach lasts, the less damage can be done.
Preparation. Obviously, take every possible technical precaution to prevent attacks. Install firewalls, anti-virus systems, encryption tools, security updates, and intrusion detection systems. If you don’t have the expertise on staff, bring in a consultant to help you identify and address vulnerabilities.
Education. Get everyone involved. Spread the word about how important it is for people to follow established processes and procedures so that hackers have a more difficult time gaining access to your network and wreaking havoc.
Response. Once the alarm sounds, put plans into motion as quickly as possible. An incident response system, such as STORM powered by OTRS, simplifies this. The communication system has built-in security-specific processes and can be customized for your unique business. This means that, when an attack occurs, the incident is captured immediately. Processes and notifications are kicked off automatically. Resolution details are tracked for audit purposes. Everything happens instantly so that your team can mitigate the danger as quickly as possible.
It really is scary when you start to realize exactly how much damage cybercriminals could do. Fortunately, it is one of the reasons why the entire CERT community exists and why we bridge borders to share information, averting as many crises like those mentioned above as possible. Of course, as the US-based Department of Homeland Security notes, “Securing Cyberspace is a Shared Responsibility.” That means each of us must do our parts – be that at home, at work or in government – to guard against threats, prevent hackers from succeeding and reduce their overall motivation.