1 / 20

Critical National Infrastructure: Cyber Threat

Critical National Infrastructure: Cyber Threat. understanding future risks and opportunities. Alt3. www.alt3.co.uk james@alt3.co.uk. BIOGRAPHY JAMES STUART:. extensive experience of multinational strategy and development

tehya
Download Presentation

Critical National Infrastructure: Cyber Threat

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Critical National Infrastructure: Cyber Threat understanding future risks and opportunities Alt3 www.alt3.co.uk james@alt3.co.uk

  2. BIOGRAPHY JAMES STUART: • extensive experience of multinational strategy and development • involved in understanding how the world is changing – to ensure the right decisions are taken and making the investment of limited resources count • extensive research into the ripple-effect of change • - the extended surface and sub surface impacts • - the consequences • - visibility of opportunity and threat • expertise in emerging threat • james@alt3.co.uk

  3. DISCUSSION: Cyber Warfare This is the 21st century. You don’t have to defeat an army on the battlefield to win the war. 2013: cyber warfare considered a greater threat to US interests than AQ 2014: upturn in European activity

  4. Making sure everyone has the same understanding: Definition of war (20th century): “shock and awe” – large armies, zooming planes, lots of munitions, long distance PR based on front line news comments from the boots on the ground. High risk. High cost. Lots of death. Anti-war demonstrations. Election issue. War-weariness. Definition of war (21st century): Silence. You don’t know it’s happening. People continue on their daily lives while beneath the surface the war rages … with cyber vulnerabilities exposed and people believing they are safe. Ignorance is bliss.

  5. Making sure everyone has the same understanding: CYBER WARFARE: Instead of the high risk / high cost / high opposition dismantling an entire country through traditional warfare, cyber warfare can essentially close down that country at the press of a button … … or at least inflict serious economic damage. But … the trouble is … anyone with a grudge can potentially do this. And the world is full of very intelligent people.

  6. Hidden Reality: • Welcome to the turbulent 21st century. The war is already raging … and many people are blissfully unaware. • Hacking became known in the 1960’s • It became prevalent in the 1980’s • It became industrialised in the 2000’s • It broke the surface into public knowledge in 2010 with Stuxnet (Operation Olympic Games) • 2010, US Pentagon sets up U.S. Cyber Command • 2013 – hit the headlines once more through the “Syrian Electronic Army”

  7. Hidden Reality: • Cost of a Tomahawk Cruise missile (2011): $1.41M • Traditional 20th century armies, cost: $billions • Estimated cost to produce and distribute Stuxnet: $380K • Hacking costs $billions only for the attacked. • 23rd April, 2013: SEA hacked the website of the Associated Press. Twitter messages released stating the White House had been bombed and the President injured. • Result: $136.5bn stock market dip.

  8. Hidden Reality. IF you had to fight a war what would you do? Stealth Vs “shock and awe” – what would you go for? Low cost efficiency Vs high cost / high risk – what would you go for? This is the 21st century. “You don’t have to defeat an army on the battlefield to win the war” For the past 5 years cyber warfare has been raging. Most people don’t even know it. If you don't understand the risks, how can you prepare? Can you afford to let the issues be blurred?

  9. Hidden Reality: • Cyber Warfare is: • a “game” of cat and mouse • something all the major powers are engaged in • initially around IP theft and defensive security • now major multinational vulnerability and threat assessment • now major state funding • and when attackers found out … becomes a “blame game” • The world is changing. The pace of change is increasing. The more we live our lives on line, the greater the automation, the greater the “footprints in the sand” – and the greater the vulnerability. The era of “big data”.

  10. Vulnerabilities: • Critical Infrastructure – any core system an advanced country requires to maintain its daily operations: • transport • health • financial • energy • water • government • - not a move away from high tech IP theft or financial crime but an evolution into national security.

  11. In todays fragile economic climate … what if … • … one of these critical service sectors was to be suddenly unavailable? There would be: • chaos • a momentum of chaos and increasing panic • an attempted sudden imposition of “control” from the centre • devaluation • potential social disintegration • Welcome to the turbulent 21st century. You don’t have to defeat an army on the battlefield to win the war.

  12. In todays fragile economic climate … in the next 2-3 years … Cyber Warfare will become the number ONE priority for national security. (closely followed by terrorism and then rogue, extremist states – all of which are linked) And within this timeframe there will be at least one major global / regional intrusion episode with a severe damage probability. Do not make the mistake of thinking bad things just happen to other people.

  13. So, who’s doing this? • Major global / international powers • aggressive foreign policy • seeking to steal IP and gain commercial benefit • even as a means of defence • as a means of (at times questionable) surveillance • Extremist states • Other countries • Extremist and anarchist groups including terrorists • Industrial espionage hackers • Mischief makers • … and we are • The war is raging. It is gathering pace.

  14. Evidence? Full Scale and Massive Intrusion. The open secret: • large scale IP theft that can not take place without national knowledge – originally to steal commercial secrets, now mainly to steal the technology secrets that are at the core of modern defence systems and critical infrastructure • the constant probing of defences by potentially hostile powers – most developed countries now have a budget for cyber defence and often for cyber offence • Baltic States – “Cyber War I, 2007” • Georgia – “Cyber War II, 2008” • The last 2 points can be seen as training and trial runs for something more significant and crippling. • 2014 – you can guarantee Russia is ready to close down Ukraine

  15. The point is … • it exists • it is a fact of life • it is more prevalent than most people realise • it is set to become even more prevalent • no one is immune to the potential consequences of cyber war • In a highly competitive world when there is conflict or the risk of conflict (therefore the need to defend) countries want that low cost / low risk option.

  16. The targets of Cyber war – FACTS: 1. The world is becoming more “automated” – faster, more global, more communicative. 2. Every time you make a phone call, every time you engage in a transaction, every time you visit a web page, every comment you make on line … you leave a footprint. This is “high availability” data. You engage in these actions through organisations, or organisations do so on your behalf … every day. 3. Every time an organisation electronically touches the outside world for any reason … they create their own footprint. Crucially, they do so through gateways. 4. If not guarded properly these on line gateways are in fact open doors. 5. Cyber warfare and a large proportion of cyber crime focuses on finding a route through these open doors or poorly guarded gateways. 6. This is “vulnerability”. The world is full of smart people and capable computing.

  17. What do we need to do? Understand the nature of vulnerability: • what are the national vulnerabilities? Do bad things really just happen to someone else? • what are the common international vulnerabilities? • from where are the common threats? • what is the common ground? Build alliances. • it’s not “us against the world”. There IS a shared threat and a common ground. • The world is changing. The pace of change is increasing. Reach out. You will be surprised at who our friends are with whom we share a common goal.

  18. The Greatest Threat? • Nationalism? • The belief it’s us against the world and no one else can be trusted. • FACT: • there are many of us who share the same threat • there are many of us who share the same vulnerabilities • shared defence creates greater security • this means mutual respect, benefits AND privacy • no one member is greater than any of the others • This is our only viable future.

  19. Thank you. james@alt3.co.uk If you don't understand the risks, how can you prepare? Can you afford to let the issues be blurred?

More Related