June 19, 2013 By Larry Karisny
We are connecting digital intelligence to our homes, businesses, critical infrastructure and national defense at such staggering rates that we had to come up with methods of collecting "big data." Individuals now have the ability to access terabytes of information, millions of apps and thousands of devices that have the potential of activating critical processes at the touch of a screen. Security has been a continual afterthought even in areas as sensitive as our power grid. Even when security is responsibly deployed, breaches still happen, disclosing the weaknesses of current security solutions. There is no one-size-fits-all in cyber solutions. Instead, the best of the pieces are assembled to achieve the best possible security. Here are some good pieces of the security puzzle that, when put together, offer resolution to the big problems faced today in cyberattacks.
Whether you want to secure your private conversations or a corporate database, you must first have a way to authenticate the human or machine initiating action. Sadly, this needs a lot of work. Fortunately, there is a lot of available technology to choose from.
With the password being just about dead, companies are reaching for other ways to effectively authenticate and validate this all-important initial process: access. From biometric human authentication to encrypted nano-sensors offering machine location-based identifiers, we have the technologies to securely authenticate the start of just about anything. With the computing power and popularity of BYOD, the smart phone may be the go-to personal control device that will multiply security access privileges under a single authentication. We are now just beginning to deploy apps and chip sets supporting these authentication capabilities.
When we communicate with a machine, the security beginning and end point is not a port or cable connected to some device. The points are often very complex microchips with coded processes within themselves. These trusted computer chips, like BYOD devices, can become part of the solution in cybersecurity -- and part of the problem.
Don Thompson, CEO of MerlinCryption, explains the potential threat of microchip foul play in cybersecurity. "Embedding malicious code or 'back doors' into microchips is a growing trend in espionage," says Thompson. "The rogue chip conspiratorially communicates critical intelligence back to its criminal host. It is paramount to procure only tamper-proof USA-made chips to be used in developing the circuit board, then reinforce the device with robust encryption. End-point encryption, coupled with multi-factor authentication, thwarts attacks against data."
The most common solution for moving secured information over the Internet is the Virtual Private Network (VPN). A VPN extends a private network across public networks like the Internet by establishing a virtual point-to-point connection through the use of dedicated connections or encryption. These techniques add security to the information flow but are expensive and still have security vulnerabilities. Realizing these costs and the security concerns with VPNs, a team at STTarx developed a method of truly protecting data-at-rest and data-in-motion and also masking transmissions. Their networks are stealthy and impenetrable and messaging is immune to illicit decryption. This technique offers an economic and secure method of passing data through the Internet.
Curt Massey, the CEO of STTarx Shield, explains this unique process. "We never accepted the common wisdom that networks must always be vulnerable or that messaging must rely on increasingly complex and cumbersome encryption algorithms that would eventually be broken. We used a fundamentally different approach to solving both issues. Every pen tester for a period of years has walked away scratching their heads due to complete failure to either penetrate our networks or even capture our traffic. Those to whom we have given sample STTarx traffic have been completely unsuccessful in decrypting it. We enable other solutions to focus on protecting the internal network."
Today we connect multiple levels of people, applications, software, hardware and networks to our enterprise, control systems and cloud computing. There are so many layers that we are beginning to lose control of what the business process and software logic action is supposed to be doing, even though it is secured and authenticated. This is why recent exploit attacks have been directed without detection toward system process software, not just networks and databases. We need a method of real-time viewing, auditing and even blocking multiple simultaneous process actions. Rajeev Bhargava, CEO of Decision-Zone, found this same problem when trying to debug software programs, which led him to the unique use of graphical anomaly detection as a new method of intrusion detection security. This is how he explains it.
"The conventional view of security is primarily aimed at securing an organization’s assets, including facilities, goods, IT infrastructure and information silos. However, the characteristics of the threat environment organizations are exposed to are changing. Whereas in the past solitary intruders sought entry into an organization's network and facilities and created minor damage; nowadays these attacks originate from highly organized groups and are aimed at obtaining services or money by disrupting or diverting the victim’s normal business operations. Sometimes this is an authorized and authenticated insider.
"Processes, by nature, consist of a number of tasks performed by different individuals, usually within different departments," said Bhargava, "making them vulnerable to mistakes, misunderstandings, miscommunications and abuse. A business process consists of a set of logically interrelated tasks, intended to generate an output beneficial to the organization. A process aims to create higher-value output from lower-value input, at a cost that is lower than the increase in value of the generated product. These processes have extreme value to a company and often are the reason they have a competitive edge. These process inputs are the same place where security breaches can be identified, audited and potentially blocked. Decision-Zone has built the ultimate process security application for validating/tracking these input actions against the business process logic assuring both process productivity and process security."
Disclosures of cybersecurity breaches are constant. The damage done, money lost and intellectual property stolen are staggering. State-sponsored attacks have been validated, banks have been robbed, intellectual property has been stolen, and even your personal privacy has come under attack. Studies have clearly stated the certainty that you have been breached or will be breached. The companies that were researched and quoted above have clearly stated their cases, have tested their capabilities and together can offer resolutions to specifically address these security issues.
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. In the last few weeks, with no uncertainty, we have recognized the immediate need for cybersecurity solutions from our personal privacy to national defense. There is no "it won’t happen to me" anymore. There is no more sticking our heads in the sand. We must immediately deploy prevention and detection technologies to our critical processes or, frankly, we could lose it all.
Larry Karisny is the director of ProjectSafety.org, a cybersecurity expert, advisor, consultant, writer and industry speaker focusing on security solutions for mobility, the smart grid and municipal critical infrastructure.