A survey shows that over the past two years, 9 in 10 critical infrastructure providers have been hit by 2 or more cyber attacks. A majority of the cyber attack victims have had their environments damaged, leaving their systems out of action, after at least one attack.
The new research report titled ‘Cybersecurity in Operational Technology: 7 insights You Need to Know’ which was carried out by Ponemon Institute and led by Tenable, found that more than 62 per cent of the survey respondents had experienced two or more cyber attacks in the same period.
710 security professionals from the US, Japan, Mexico, the UK, Germany and Australia were surveyed and the results were used for a report. 50 per cent of the respondents said they experienced an attack against operation technology (OT). Additionally, around 23 per cent stated they were attacked indirectly and had previously become victims of a nation-state attack.
Findings from the report suggested a variety of factors which may have left the providers vulnerable to a cyber attack. The most prominent factors included: the skills-gap in the industry for cyber security and poor visibility into the attack surface of the organization.
Senior Director of Strategic Initiatives at Tenable, Eitan Goldstein stated, “OT professionals have spoken-the people who manage critical systems such as manufacturing plants and transportation almost unanimously state that they are fighting off cyber arracks on a regular basis.”
“Organizations need visibility into their converged IT/OT environments to not only identify where vulnerabilities exist but also prioritize which to remediate first. The converged IT/OT cyber problem is one that cyber-security and critical infrastructure teams must face together,” he added.
In addition to this report, Telecom Review produced a special supplement magazine that was specifically designed to examine and explore the complex challenges 5G will bring from a cybersecurity perspective.
Telecom Review which is the leading B2B telecommunications publication globally, sought the expertise and knowledge of CTO’s from global operators such as TELUS, Orange, KT and Vodafone.
5G is an up and coming technology which has been under a great deal of speculation within the industry. New technology often brings new challenges, cyber security being one of them. Cyber criminals will be prepared to exploit the weaknesses of this new technology if they industry does not catch up with the latest security trends and information.
In the special edition magazine compiled by Telecom Review, TELUS and Vodafone highlighted globalization along with political and trade alliances as key issues related to cybersecurity that are not the most pronounced issues as of yet in terms of 5G technology. They stated that other important issues may need to be raised to ensure optimum security. Some of the issues they outlined for consideration were adversarial scenarios and supply chain integrity outcomes.
“Security is a journey and not a one-time event. G introduces new challenges across a wide-range of areas that will require new security measures and continued diligence,” said Telus CTO,
“There are several concerns raised about security and 5G, and they reflect the expectations and the hope that we have in 5G. As 5G can be vital for the entire society, the security aspects of 5G are of the utmost importance,” said Orange CTO and SVP,..
, President and CTO, AT&T Labs explained that the company is adopting a “defense-in-depth” approach. “This approach includes embedding various controls within the network such as compliance auditing, micro-perimeter, and automated security policies. We are coupling these embedded policies with security platform innovation and enhancements to do truly real-time monitoring, alerts and response activities when anomalies are detected”, he said.
He added, “There is no bulletproof combination of processes, tools and technology; no “silver bullet” when it comes to cybersecurity.”
Many members in the industry have been raising concerns about how secure 5G will actually be once it is rolled out. While it may be daunting and challenging, organizations must ensure complete protection from all types of attacks as hackers are consistently developing ways to keep up with new technology and recognize its weaknesses. Organizations have been working towards developing a competitive edge against these hackers KT’s CTO and SEVP,described this as “an ever-evolving battle between spears and shields.”