News

2017-06-08

Securing the Cyber World

Lockheed Martin offers cyber protection strategies for Governments & Citizens

In today’s digitized world, cyberspace and digital landscapes touch almost every aspect of life and are fundamental to the growth and security of citizens and governments both in the Middle East and throughout the world. However, with this dynamic digital landscape comes an increase in both the sophistication and complexity of cyber threats, leaving governments more vulnerable than ever before to attacks targeting sensitive infrastructure and data. Anthony L Winns, President, Middle East-Africa Region, Lockheed Martin shared with Nation Shield the framework of strategies to be adopted to counter the emerging threats.

Transcending geographic and physical boundaries, attacks in the cyberspace realm can have a staggering impact on critical infrastructure in the physical domain, according to Anthony L Winns, President, Middle East-Africa Region, Lockheed Martin. Key government assets frequently targeted by cyberattacks include everything from public services such as healthcare, utilities and financial infrastructure to military and civilian responders, air and missile defense platforms, and repositories of confidential information, he says and cites the example of the 2012 attack on national oil giant Saudi Aramco and several other recent attacks on regional enterprises.

“Today we are witnessing a rapid evolution in attack tactics. Distributed Denial of Service (DDoS) is one of the most common examples of cyberattack that aims to disrupt a targeted system by flooding its bandwidth with traffic,” he says.

“Last year, a complex DDoS attack caused widespread disruptions to the internet in the U.S. and Europe, impacting the sites of several organizations including Twitter, the Guardian, Netflix and CNN. Other examples of emerging threats include supply chain attacks and most recently, ransomware attacks.

“One of the major challenges associated with cyber threats is their rapidly evolving nature. Cyber exploitation tools are easily accessible and are susceptible to abuse by relatively low-skilled hackers. The motivations and skills of cyberattack perpetrators also transform over time. Today, these can be broadly categorized into six groups: cyber criminals with access to advanced tools, state-sponsored actors, terrorists, hacktivists, malicious employees and script kiddies. In a worst-case scenario, this landscape can shorten the length of time it takes an attacker to pose a national security threat,” he says.

So how do governments safeguard citizens and national assets in the face of this challenging environment? “Adopting an intelligence-driven defense approach is crucial since cyberattacks occur at an extremely fast pace and can “mutate” quickly leaving organizations that utilize a static defense system, vulnerable to exploitation. A proactive cyber defense framework of operations also includes a mix of appropriate products and skilled security personnel,” he says.

“Working closely with our partners we seek to cultivate governments and organizations from ad hoc users of intelligence to producers of proprietary intelligence that can be actioned to protect networks. A fundamental line of first defense in cybersecurity involves monitoring systems to detect potential threats. The Cyber Kill Chain® framework, we’ve developed, enables security personnel to identify and anticipate tactics associated with cyberthreats and covers seven steps: reconnaissance, weaponization, delivery, exploitation, installation, command and control and actions on objectives through seven steps. The Cyber Kill Chain® aims to monitor and adapt to the attacker’s actions, ensuring that they are “blocked” at a stage of the chain before completing the attack.

“Cyber hardening is another critical area for cybersecurity that continues to gain significant momentum across governments and organizations ultimately to prevent adversaries from taking over and potentially deteriorating the performance of these systems. Cyber hardening entails securing various threats and challenges across multiple domains to span all facets of cybersecurity: physical, human, supply chain, engineering and operations. As government platforms become more sophisticated, cyber hardening will need to extend to all systems within the platforms as well as support systems and mission systems.

“In the future, more governments will continue to see an increase in systems that are more autonomous, integrating human-machine collaboration and energy efficiency-smart grids. As the number of these interconnected platforms grow, it will be critically important for governments to adopt a combination of Cyber Kill Chain ® framework and cyber hardening as effective cybersecurity solutions in addition to training the next generation of cyber protectors. As a leader in this space, we will continue to work closely with our regional partners to safeguard and protect against potential exploitation, protecting what matters most for citizens and governments,” he concludes.

Comments () Views (8301 ) Print

Send To Friend