Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Hospitals and air traffic control are potential targets of cyber attacks

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

November 30, 2015

GCHQ (the U.K. Government Communications Headquarters) says that hospitals and air traffic control are vulnerable and are potential targets of online attacks.

In a recent high-profile speech at GCHQ, the agency said that only the financial services sector runs comprehensive stress tests.

The overall lack of exercises designed to hone defences raised some serious questions about the robustness of key components of Britain’s critical national infrastructure.

The banking industry is getting tested but there isn't anything like Waking Shark II and Resilient Shield for other elements in the critical infrastructure (power, telecoms etc.) And the need for preparedness against attack in other sectors is certainly there as well.

“For the United Kingdom, defending our citizens from hostile powers, criminals or terrorists, the internet represents a critical axis of potential security vulnerability,” GCHQ said.

“From our banks to our cars, our military to our schools, whatever is online is also a target,” it warned.

“We see from this place every day that the malign scope of our adversaries’ goals, their warped sophistication and their frenetic activity. The stakes could hardly be higher if our electricity supply, or our air traffic control, or our hospitals were successfully attacked online, the impact could be measured not just in terms of economic damage but of lives lost,” the agency added.

It said that “GCHQ is monitoring cyber threats from high end adversaries against 450 companies across the aerospace, defence, energy, water, finance, transport and telecoms sectors”. It also warned that “every British company is a target, that every network in the U.K. will be attacked”.

Growing evidence that targeted attacks have spread and have affected victims far outside the financial sector is all too apparent, even though incidents of hackers taking out power grids or threatening lives are conspicuous by their absence.

Ed Wallace, director of incident response and advanced threats at security consultancy MWR Infosecurity, says-- “After Stuxnet, Shamoon is probably the most widely known destructive computer attack and is frequently attributed to Iran. It targeted several organisations’ networks, most publicly Saudi Aramco (one of the world's largest companies), wiping out their corporate network of nearly 30,000 computers, along with a similar attack against RasGas, as well as several others.”

Media and telecom firms have also been hard hit by nation-state orchestrated attacks. "The ’Dark Seoul’ attacks that wiped computers at three banks and three media organizations in South Korea were an example. Since then many parts of CNI [Critical National Infrastructure] in different countries have been attacked from telecommunications to nuclear power plants.

"By far, the overall majority of those attacks have continued to focus on information theft but the recent attack a few months ago against the French TV 5 news channel (now attributed to Russia and the 'APT-28' group, often thought to be running under the Russian Military service, the 'GRU') shows that it's not just the financial sector that is increasingly at risk,” he warned.

Wallace added-- "At MWR we track various countries’ cyber programs and most are looking to adopt variants of China's 'Unrestricted Warfare' doctrine, which singles out five key sectors-- Finance, Media, Energy, Telecommunications and Transport. The focus for most remains on Finance (as it is in China's UW doctrine) but the other sectors are also under attack and are at risk."

Jim Gumbley, who worked on security within the Cabinet Office before moving on to the private sector with global IT consultancy Thought Works, said that financial sector companies are ahead of the resilience game.

“Our finance clients almost always have a structured and resourced approach to protecting against attack, but things are patchier in other sectors,” Gumbley said.

Most of the finance sector works within regulation or policy that explicitly makes handling information security risk an executive responsibility.

When the leaders of an organization take information security risk seriously, it does seem to have an impact on outcomes.

The high-profile hacker attacks over the last year underline the need for companies to build more secure software from the ground up, rather than adding it on at the end, according to Gumbley.

Source: The U.K. Government Communications Headquarters.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.


Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer