Via the Wall Street Journal, the news is out that pro-Russian hackers attacking Europe’s air-traffic Agency:
“The cyberattack on the agency’s website started on April 19, a spokeswoman for the European Organisation for the Safety of Air Navigation, also known as Eurocontrol, said, adding that it wasn’t affecting the agency’s air-traffic control activities.”
Of particular interest to us was this commonsense bit of information:
“Systems used for aviation safety are subject to stringent cyber-protection protocols and aren’t connected to external networks that could allow hackers to access them directly, the official said.”
David Mitchell, Chief Technical Officer, HYAS had this comment:
“It is important for critical OT systems like Air Traffic Control, power & water to be air-gapped from other IT systems — primarily because OT systems can often be decade(s) old and do not have the normal software update cycle of IT systems. Due to the nature of interactions with resources on the Internet or internal IT environments, it is very difficult to isolate newer systems and software to an air gapped environment while maintaining functionality.”
Jan Lovmand, CTO, BullWall follows up with this:
“Air-gapping, biometrics, and other methods of breaking the flow of data can be effective tools in preventing malicious actors from breaking into sensitive data networks, especially in high-security environments such as aviation safety systems. Air-gapping, which involves physically isolating critical systems from external networks, can provide a strong layer of defense against cyber-attacks. By keeping critical systems completely disconnected from external networks, the risk of unauthorized access or data breaches is significantly reduced.
“Biometrics, such as fingerprint or retina scans, can add an additional layer of security by requiring unique physiological characteristics for access. This can help prevent unauthorized access to sensitive systems and data, as biometric data is difficult to replicate or spoof.
“Other methods of breaking the flow of data, such as using one-way data diodes or unidirectional gateways, can also be effective in preventing data leaks or unauthorized access. These technologies allow data to flow in one direction only, preventing any backflow of information that could be exploited by hackers.
“While these measures can be effective in protecting sensitive data networks, they also have limitations. Air-gapping can be challenging to implement in complex networks, as it requires physical separation and can hinder communication and data exchange between systems. Biometrics, although highly secure, can also face issues such as false positives or false negatives, leading to potential access errors.
“A comprehensive defense strategy should incorporate multiple layers of security, including network segmentation, access control, data encryption and reliable backup and ransomware containment systems, in the event that all else fails, to provide robust protection against cyber threats.”
Roy Akerman, Co-Founder & CEO, Rezonate concludes with this:
“It is a common practice across different government agencies to apply completely air-gapped systems and total separation from wiring, to network, to software and mission critical systems. While there’s no silver bullet protection, as we are proven often, OT (Operational Technology) infrastructure like water, gas and electricity supply, military and air-traffic, and other deemed critical services apply the most stringent access and functional operation.
“The focus for the past few years, with nation state attacks on countries infrastructures and a near constant attack on countries as part of the global geopolitics, has increased both the risks as well as the readiness and practices implemented.”
These attacks on critical infrastructure are going to be the norm going forward. Thus defences on this infrastructure need to be on point. Otherwise these attacks will be successful which hurts us all.
Related
This entry was posted on April 22, 2023 at 8:00 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Europe’s Air-Traffic Agency Under Attack from Pro-Russian Hackers
Via the Wall Street Journal, the news is out that pro-Russian hackers attacking Europe’s air-traffic Agency:
“The cyberattack on the agency’s website started on April 19, a spokeswoman for the European Organisation for the Safety of Air Navigation, also known as Eurocontrol, said, adding that it wasn’t affecting the agency’s air-traffic control activities.”
Of particular interest to us was this commonsense bit of information:
“Systems used for aviation safety are subject to stringent cyber-protection protocols and aren’t connected to external networks that could allow hackers to access them directly, the official said.”
David Mitchell, Chief Technical Officer, HYAS had this comment:
“It is important for critical OT systems like Air Traffic Control, power & water to be air-gapped from other IT systems — primarily because OT systems can often be decade(s) old and do not have the normal software update cycle of IT systems. Due to the nature of interactions with resources on the Internet or internal IT environments, it is very difficult to isolate newer systems and software to an air gapped environment while maintaining functionality.”
Jan Lovmand, CTO, BullWall follows up with this:
“Air-gapping, biometrics, and other methods of breaking the flow of data can be effective tools in preventing malicious actors from breaking into sensitive data networks, especially in high-security environments such as aviation safety systems. Air-gapping, which involves physically isolating critical systems from external networks, can provide a strong layer of defense against cyber-attacks. By keeping critical systems completely disconnected from external networks, the risk of unauthorized access or data breaches is significantly reduced.
“Biometrics, such as fingerprint or retina scans, can add an additional layer of security by requiring unique physiological characteristics for access. This can help prevent unauthorized access to sensitive systems and data, as biometric data is difficult to replicate or spoof.
“Other methods of breaking the flow of data, such as using one-way data diodes or unidirectional gateways, can also be effective in preventing data leaks or unauthorized access. These technologies allow data to flow in one direction only, preventing any backflow of information that could be exploited by hackers.
“While these measures can be effective in protecting sensitive data networks, they also have limitations. Air-gapping can be challenging to implement in complex networks, as it requires physical separation and can hinder communication and data exchange between systems. Biometrics, although highly secure, can also face issues such as false positives or false negatives, leading to potential access errors.
“A comprehensive defense strategy should incorporate multiple layers of security, including network segmentation, access control, data encryption and reliable backup and ransomware containment systems, in the event that all else fails, to provide robust protection against cyber threats.”
Roy Akerman, Co-Founder & CEO, Rezonate concludes with this:
“It is a common practice across different government agencies to apply completely air-gapped systems and total separation from wiring, to network, to software and mission critical systems. While there’s no silver bullet protection, as we are proven often, OT (Operational Technology) infrastructure like water, gas and electricity supply, military and air-traffic, and other deemed critical services apply the most stringent access and functional operation.
“The focus for the past few years, with nation state attacks on countries infrastructures and a near constant attack on countries as part of the global geopolitics, has increased both the risks as well as the readiness and practices implemented.”
These attacks on critical infrastructure are going to be the norm going forward. Thus defences on this infrastructure need to be on point. Otherwise these attacks will be successful which hurts us all.
Share this:
Like this:
Related
This entry was posted on April 22, 2023 at 8:00 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.