Monday, 21 September 2015

Can an air-gap system be hacked?

The answer to the above question a few years back would have been “no” but today with proliferation of “internet of things” and hearing about cyber-attacks on critical network infrastructure such as oil gas, water, electricity, transportation system the answer is “Yes”, air-gapped systems can also be hacked.

In wake of the recent data breach which happened on US Government system wherein 4 billion data records were hacked put a question in my mind if a US government system can be breached what about us do we have the appropriate processes, technologies and cyber-aware people to defend the organization against such a threat and as it has been said you are as secure as your weakest link.

I have been reading through a lot of reports/studies from well-known institutes and organizations which put “cyber threat” as the number ONE threat to an organization.  The first thought which came to my mind was while I used to carry out security assessments for clients my objective was to gain access to the system and for that I used to spend hours trying to identify a vulnerability on the client system and then develop an exploit to exploit a vulnerability which would provide me with access to the system.

Now the steps can be included in a piece of automated code and identify a way  of delivering the code on the target system and Wola, you have access to the system. 

This means sophistication and what's known as the Advanced Persistent Threat, a small object of code executed by mindless human bodies never to betray their masters and at the same time lay undetected for long years until the organization knows that they have been breached / hacked.

Can an organization protect itself from such a sophisticated cyber threat?

The good news is “yes” it can but only when it has a razor sharp focused and targeted cyber security program against such a sophisticated threat.

The cyber security program should cover the three core components across people, process and technologies which could be the following:

Cybersecurity governance - This component sets the senior management intent, vision and direction towards cybersecurity

Cybersecurity management controls - This component addresses the required set of process that should be in place

Cybersecurity technical controls - This component address the required set of technical controls for the cybersecurity management program.


Post a Comment