Cyber War Games: ‘Too Little Too Late’

Uploaded on 2015-11-21 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

 

Financial centres in London and New York are to be hit with a simulated cyber-attack later this month in what could be a case of too little too late.

The exercise is to be the first stage of a Transatlantic cyber ‘war game’ agreed by British Prime Minister David Cameron and US President Barak Obama in January. However, both the length of time taken to initiate the first simulation and its limited scope already reveal an underlying weakness in the US/UK war games strategy.

When the joint strategy was originally launched in January it was in the immediate aftermath of the terrorist attack on the Paris offices of the French satirical magazine Charlie Hebdo. At the time, the US and UK leaders placed the threat of Islamist extremists – in particular the dangers posed by cyber warfare – at the top of their agenda.

The “war game” against the financial sector, which is being carried out with the co-operation of the Bank of England and other financial institutions, is being coordinated by a new joint “cyber-cell” established by the two powers to share information. Agents from the UK’s GCHQ and MI5 and America’s National Security Agency (NSA) and the Federal Bureau of Information (FBI) have been working in the US division of the cell and in a similar cyber-cell in the UK since earlier in the year.
Both Obama and Cameron were well-briefed regarding the danger of a full-scale terrorist attack on a financial centre such as New York or London. With financial systems, banking machines, power grids and other crucial services all now connected to the internet, a determined hacking attack could quite literally plunge The City of London into the Dark Ages.

Terrorists plan worst-case scenario
For stress testing of this nature, the simulation must not only be accurate but must also attempt to cope with a worst-case scenario, for that is what the cyber terrorists are planning. This means that the testing must be ruthless and take advantage of any conceivable weakness in the financial institutions’ security systems. It is notoriously difficult for organisations to try to penetrate their own defences in this way as they are invariably blind to security flaws they overlooked in the first place.
As long as the banks refuse to employ independent penetration testing services, the kind of simulation planned to hit the City later this month cannot be truly effective. Even at the start of this month, the UK government did not appear to have determined an exact scenario for the exercise. But all the indications are that the initial simulation, at least, will be highly limited in its scope.
According to a spokesman for the UK Government’s cyber security body, CERT-UK, an exact scenario for the exercise is yet to be determined: “It is testing how we would react to ‘x’ scenario, how our colleagues in the US would react, and how we would then co-ordinate communications with each other…There will be no testing of cash machines coming down, banks coming down or anything like that.”
Co-ordinating communications between the US and the UK in the event of an all-out cyber-attack would no doubt be useful, but there are more pressing tasks for the City. Some of the banks with a presence in the City of London have what can only be called antiquated digital infrastructure, some of it as much as 15 years out of date. Such outdated software is highly unsecure and is open to all kinds of malware attacks.
In the world of banking, the human element is the main weakness in any IT system. Around four-fifths of all cyber breaches can be traced to an internal source. Banks are particularly vulnerable owing to the sheer number of transactions they execute often involving unknown parties.

City’s cyber defences ‘antiquated’
Added to this is the fact that they deal in money, which makes the City of London a prime target for the world’s organised criminal gangs (OCGs) as well as for terrorist groups needing funds. The large sums transacted means that the criminals are able to invest in thorough social engineering, planning and software development to create an almost unstoppable cyber-attack. Unfortunately for the City, its financial institutions’ own cyber defences are generally antiquated in comparison to the malware, which is now available on the criminal forums of the Dark Web.

But the City has not only small terrorist groups and OCGs to fear; nation states across the globe are now more or less openly preparing for cyber warfare. What would make a first strike offensive doubly crippling is that it can be extremely difficult to trace the source of cyber-attack of any kind. The aggressor state can easily cover its digital footprints to the point where it can plausibly maintain that the attack must have come from another source. Countries such as China now literally have regiments of hackers on their military strength.
Ein News: http://bit.ly/1RZkulX

 

« 7 Things You Need to Know About Car Hacking
50% of US Businesses Have No Formal BYOD Policy »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Optimum Insurance

Optimum Insurance

Optimum's Cyber Risk & Data Protection Insurance policies are designed to protect against cyber exposures that arise when a company’s data and customer information is breached or stolen.

Lookout

Lookout

Lookout is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack.

LogonBox Software

LogonBox Software

LogonBox Software specialises in producing a cost-effective range of Network Security and Identity Management software solutions for all sizes of Enterprise.

Internet Storm Center (ISC)

Internet Storm Center (ISC)

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with ISPs to fight back against the most malicious attackers.

FileWave

FileWave

FileWave offers a single solution for managing apps, devices, and more for Mac, Windows, and mobile devices.

Innova

Innova

Innova is Turkey's leading IT solutions company, providing platform independent solutions to organizations in telecommunication, finance, production, public and service sectors.

Griffeshield

Griffeshield

Griffeshield is a company specialised in new information technologies used to protect Intellectual Property.

GoSecure

GoSecure

GoSecure Managed Detection and Response helps all organizations reduce dwell time by preventing breaches before they happen.

OffSec

OffSec

OffSec have defined the standard of excellence in penetration testing training. Elite security instructors teach our intense training scenarios and exceptional course material.

Limes Security

Limes Security

Limes Security GmbH is the leading OT Security expert in the German-speaking region of Europe.

Digital Intelligence

Digital Intelligence

Digital Intelligence offer a full array of products, forensic and e-discovery consulting services and training.

Hexens

Hexens

Hexens introduces a whole new approach to cybersecurity solutions. Indisputable skills and a unique super-focused perspective on every single case are the values we create.

Digital Security Authority (DSA) - Cyprus

Digital Security Authority (DSA) - Cyprus

The establishment of the Digital Security Authority, which incorporates the National CSIRT, is crucial to significantly raising the cybersecurity posture and capabilities of Cyprus.

Reach Security

Reach Security

Reach is the first generative AI platform purpose-built to empower enterprise security teams. With Reach, organizations measure, manage, and improve their enterprise security posture at scale.

Adili Group

Adili Group

Adili Group is a leading pan-African corporate advisory firm. We deliver tailored solutions in regulation and compliance, risk management, and improving business efficiency.

Interpres Security

Interpres Security

Interpres Security operationalizes TTP-based threat intelligence and automates continuous exposure monitoring to help CISOs and security practitioners reduce threat exposure.