Cyber War Games: ‘Too Little Too Late’

Uploaded on 2015-11-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

 

Financial centres in London and New York are to be hit with a simulated cyber-attack later this month in what could be a case of too little too late.

The exercise is to be the first stage of a Transatlantic cyber ‘war game’ agreed by British Prime Minister David Cameron and US President Barak Obama in January. However, both the length of time taken to initiate the first simulation and its limited scope already reveal an underlying weakness in the US/UK war games strategy.

When the joint strategy was originally launched in January it was in the immediate aftermath of the terrorist attack on the Paris offices of the French satirical magazine Charlie Hebdo. At the time, the US and UK leaders placed the threat of Islamist extremists – in particular the dangers posed by cyber warfare – at the top of their agenda.

The “war game” against the financial sector, which is being carried out with the co-operation of the Bank of England and other financial institutions, is being coordinated by a new joint “cyber-cell” established by the two powers to share information. Agents from the UK’s GCHQ and MI5 and America’s National Security Agency (NSA) and the Federal Bureau of Information (FBI) have been working in the US division of the cell and in a similar cyber-cell in the UK since earlier in the year.
Both Obama and Cameron were well-briefed regarding the danger of a full-scale terrorist attack on a financial centre such as New York or London. With financial systems, banking machines, power grids and other crucial services all now connected to the internet, a determined hacking attack could quite literally plunge The City of London into the Dark Ages.

Terrorists plan worst-case scenario
For stress testing of this nature, the simulation must not only be accurate but must also attempt to cope with a worst-case scenario, for that is what the cyber terrorists are planning. This means that the testing must be ruthless and take advantage of any conceivable weakness in the financial institutions’ security systems. It is notoriously difficult for organisations to try to penetrate their own defences in this way as they are invariably blind to security flaws they overlooked in the first place.
As long as the banks refuse to employ independent penetration testing services, the kind of simulation planned to hit the City later this month cannot be truly effective. Even at the start of this month, the UK government did not appear to have determined an exact scenario for the exercise. But all the indications are that the initial simulation, at least, will be highly limited in its scope.
According to a spokesman for the UK Government’s cyber security body, CERT-UK, an exact scenario for the exercise is yet to be determined: “It is testing how we would react to ‘x’ scenario, how our colleagues in the US would react, and how we would then co-ordinate communications with each other…There will be no testing of cash machines coming down, banks coming down or anything like that.”
Co-ordinating communications between the US and the UK in the event of an all-out cyber-attack would no doubt be useful, but there are more pressing tasks for the City. Some of the banks with a presence in the City of London have what can only be called antiquated digital infrastructure, some of it as much as 15 years out of date. Such outdated software is highly unsecure and is open to all kinds of malware attacks.
In the world of banking, the human element is the main weakness in any IT system. Around four-fifths of all cyber breaches can be traced to an internal source. Banks are particularly vulnerable owing to the sheer number of transactions they execute often involving unknown parties.

City’s cyber defences ‘antiquated’
Added to this is the fact that they deal in money, which makes the City of London a prime target for the world’s organised criminal gangs (OCGs) as well as for terrorist groups needing funds. The large sums transacted means that the criminals are able to invest in thorough social engineering, planning and software development to create an almost unstoppable cyber-attack. Unfortunately for the City, its financial institutions’ own cyber defences are generally antiquated in comparison to the malware, which is now available on the criminal forums of the Dark Web.

But the City has not only small terrorist groups and OCGs to fear; nation states across the globe are now more or less openly preparing for cyber warfare. What would make a first strike offensive doubly crippling is that it can be extremely difficult to trace the source of cyber-attack of any kind. The aggressor state can easily cover its digital footprints to the point where it can plausibly maintain that the attack must have come from another source. Countries such as China now literally have regiments of hackers on their military strength.
Ein News: http://bit.ly/1RZkulX

 

« 7 Things You Need to Know About Car Hacking
50% of US Businesses Have No Formal BYOD Policy »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Lockton

Lockton

Lockton is the world’s largest privately owned insurance brokerage firm. Commercial services include Cyber Risk insurance.

Digital Defense Inc (DDI)

Digital Defense Inc (DDI)

DDI offers vulnerability scanning, penetration testing, web application testing, social engineering and additional security assessments.

CYBER 1

CYBER 1

CYBER 1 provides cyber security solutions to customers wanting to be resilient against new and existing threats.

National Information Security & Safety Authority (NISSA) - Libya

National Information Security & Safety Authority (NISSA) - Libya

NISSA is responsible for safeguarding the integrity, availability and resilienceof ICT infrastructure, resources, services and data in Libya.

Cyber Risk Agency

Cyber Risk Agency

Cyber Risk Agency is a cybersecurity consulting firm specializing in managing cyber risks for SMEs.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

Tukan IT

Tukan IT

Tukan IT provides a data classification and protection solution.

Logz.io

Logz.io

Logz.io is an AI-powered log analysis platform that offers the open source ELK Stack as a enterprise-grade cloud service with machine learning technology.

Enosys Solutions

Enosys Solutions

Enosys Solutions is an IT security specialist with a skilled professional services team and 24x7 security operations centre servicing corporate and public sector organisations across Australia.

Uniwan

Uniwan

Uniwan is an IT services company specializing in networking and security.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

Orchestra Group

Orchestra Group

Orchestra Group offer a unique integrated cybersecurity defense platform with proactive security policy management and enforcement orchestration.

SearchInform

SearchInform

SearchInform is a leading risk management product developer, protecting business and government institutions against data theft, harmful human behavior, compliance breaches and incomplete audit.

Systems Assessment Bureau (SAB)

Systems Assessment Bureau (SAB)

Systems Assessment Bureau is an internationally recognized ISO Certification Body with a unique vision of “Excel together with global standards”.

Prevasio

Prevasio

Prevasio is a next-gen Cloud Security Posture Management (CSPM) with a built-in Vulnerability and Anti-Malware Scan for Containers.

RAND Corporation

RAND Corporation

The RAND Corporation is a non-profit institution that helps improve policy and decision making through research and analysis.