Practical Business Cyber Security
Solutions for Various Organizations
Aviation
One of the most significant cyber-attacks on the aviation sector was the 2018 attack on Cathay Pacific Airways, which resulted in the exposure of the personal information of over 9 million passengers. The airline had failed to encrypt passport details and other personal data, which was later exploited by cybercriminals. The breach cost the airline millions of dollars in compensation payouts and damaged the company’s reputation.
Another notable attack was the WannaCry ransomware attack in 2017, which affected many organizations, including FedEx, but also impacted many airports worldwide. The attack caused widespread disruption to airport systems and caused significant delays to travellers.
The aviation sector is also at risk of attacks on safety-critical systems, such as those that control air traffic and ground support. In 2018, researchers discovered a vulnerability in the communications protocol used in air traffic control systems that could allow attackers to remotely disrupt communication between planes and control towers. Although no attack has yet been reported, the potential impact of such an attack could be catastrophic.
The costs of a successful cyber-attack on the aviation sector can be significant, including operational disruptions, reputational damage, regulatory fines, and legal liabilities. In addition, cyber-attacks on safety-critical systems could pose significant risks to public safety.
To mitigate the risks of cyber-attacks, the aviation sector must implement robust cybersecurity measures, including network segmentation, intrusion detection systems, and vulnerability assessments. Additionally, aviation organizations must invest in employee training and raise awareness about cyber risks across all levels of the organization.
In conclusion, the aviation sector is vulnerable to cyber-attacks, and the consequences of a successful attack can be significant. The attacks on Cathay Pacific Airways, the WannaCry ransomware attack, and the potential risk to safety-critical systems illustrate the need for the aviation sector to prioritize cybersecurity. By implementing strong cybersecurity measures, the aviation sector can reduce the risks of cyber-attacks and ensure the safety and security of its passengers and operations.
Abatis is deployed protecting critical national infrastructure including SCADA environments and ensures the safety of millions of flights and hundreds of millions of passengers each year.
Operational Technology
Several factors contribute to the security challenges faced by OT systems. OT components are often designed with functional goals in mind, neglecting basic IT security requirements and leaving them vulnerable to cyber-attacks. Many companies heavily rely on OT vendors due to limited knowledge about industrial automation, resulting in vendor lock-in and hindering the implementation of security fixes.
As OT systems often manage critical industrial processes and are vital components of national critical infrastructures, enhanced security features are necessary to safeguard these assets. Common vulnerabilities in OT systems must be addressed to ensure their security. Legacy systems and outdated technology without built-in security measures make OT networks more susceptible to cyber-attacks. Inadequate network segmentation allows attackers to move laterally within the network, increasing the overall risk. Weak authentication mechanisms and access controls may enable unauthorized users to gain access to sensitive systems and data. The use of insecure communication protocols and the absence of comprehensive monitoring tools make OT networks vulnerable to eavesdropping and data tampering. Insider threats, integration with IT networks, supply chain risks, physical security vulnerabilities, and the lack of cybersecurity awareness and training further compound the security risks.
To mitigate these risks, organizations should adopt a proactive security approach. This includes conducting regular risk assessments, implementing network segmentation, employing strong authentication and access controls, and continuously monitoring and responding to security incidents.
Operational technology is critical for infrastructure systems like refineries, power plants, and nuclear plants. With increasing legal obligations for critical infrastructure operators, the implementation of secure OT systems has become imperative. The widespread adoption of IoT building management and automation solutions since 2000 has introduced new risks. Inadequate security in these solutions has led to ransomware attacks, causing operational failures, risks to health and safety, damage to brand reputation, and financial losses for businesses operating in such buildings.
In the modern industrial setting, there is a growing emphasis on IT/OT cooperation and alignment. Building close collaboration between IT and OT departments is essential to enhance effectiveness in areas like change management, incident management, and security standards. However, certain restrictions may limit OT systems from performing safety functions, particularly in the nuclear environment, due to concerns about software reliability. The Stuxnet malware incident serves as a stark reminder of the potential catastrophic consequences if a safety system becomes infected with malware.
In conclusion, securing operational technology systems is a complex task that requires adapting security approaches to the unique requirements and priorities of OT environments. Organizations must address vulnerabilities, enhance collaboration between IT and OT departments, and implement proactive security measures to safeguard critical infrastructure and protect against cyber threats.
Introducing Abatis™ shield technology, originally developed to protect Armasuisse’s air-gapped defensive systems in the Alps. Since then, it has safeguarded critical national infrastructure, including military, civilian nuclear, and air traffic control systems.
This proactive solution enforces operating system integrity and effectively blocks malware on supported Windows and Red Hat Linux platforms. With its small 37kb footprint, it can be deployed widely without impacting system performance. Notably, Abatis™ Shield Technology boasts an impeccable track record, with no reported breaches or CVEs since its inception in 2005.
With its non-signature-based approach, it thwarts zero-day and targeted attacks, ensuring system and file integrity. It protects against both known and unknown threats, preventing unauthorized modifications and neutralizing hacking activities. Furthermore, it offers vital protection for legacy equipment that no longer receives updates or security patches, providing a credible defense for real-time, process control, safety-critical systems, and SCADA environments.
By allowing updates while blocking unnecessary items, it enhances Windows performance. Even with the highest level of system privilege, backdoors and rootkits cannot bypass the control of Abatis™ shield technology. It presents a robust and reliable solution for securing critical infrastructures and mitigating cybersecurity risks.
Sectors Operational technology (OT) finds applications across various sectors and environments, including:
- Oil and gas
- Power and utilities
- Chemicals manufacturing
- Water treatment
- Waste management
- Transportation
- Scientific experimentation
- Critical manufacturing
- Building management and automation
- Building lighting controls and automation
Education
Therefore, it is crucial for the Education Establishment to protect its IT estates, including all endpoints, laptops, servers, and other devices, from cyber threats.
In recent years, several educational institutions have fallen victim to cyber-attacks, including ransomware attacks, data breaches, and phishing scams.
In 2018, the University of Greenwich in London suffered a data breach that exposed the personal information of almost 20,000 students and staff members. In 2019, the University of California, San Francisco paid a ransom of $1.14 million to regain control of its computer systems after a ransomware attack.
Schools have also been targeted by cybercriminals. In 2020, the Baltimore County Public Schools system in Maryland was hit by a ransomware attack that disrupted online learning for several days. In the same year, the Clark County School District in Nevada experienced a data breach that exposed the personal information of almost 300,000 students and employees.
These examples demonstrate the serious consequences of cyber-attacks on educational institutions, including the loss of sensitive data, disruption of services, and financial costs. It is therefore imperative for the Education Establishment to invest in robust cybersecurity measures, including regular backups, employee training, and proactive security measures, to protect their IT estates from cyber threats.
Critical National Infrastructure
In another example, the Oldsmar water treatment plant in Florida was targeted by a cyber-attack in February 2021, where attackers attempted to increase the levels of sodium hydroxide (lye) in the water supply to dangerous levels. Fortunately, the attack was detected and prevented before any harm was caused.
These examples illustrate the real and significant risks that public utilities face from cyber-attacks. It is mission-critical that public utilities secure their networks and endpoints from harm, to protect against the potential damage and disruption caused by cyber-attacks.
Public utilities need to implement robust cyber security measures, including regular software updates, strong access controls, employee training, and data backups to prevent data loss in the event of an attack. Endpoint security measures, such as endpoint detection and response (EDR) and next-generation antivirus (NGAV), can also be highly effective in preventing and mitigating the impact of cyber-attacks.
By prioritizing cyber security, public utilities can ensure the continuity of essential services and protect the safety and well-being of the public.
Abatis provides network and endpoint cyber security across the entire estate, including older operating systems from Microsoft NT4 to present day, including RedHat Linux.
Energy
One of the most significant cyber-attacks on the energy sector was the 2015 attack on Ukraine’s power grid. Hackers successfully compromised the IT systems of three regional power companies, leading to a widespread blackout that affected 225,000 customers. The attack was a stark reminder of the vulnerabilities in critical energy infrastructure and the need for enhanced cybersecurity measures.
Another notable attack occurred in 2019 when a malware infection hit a major US-based natural gas facility, disrupting operations for over two days. The attack resulted in the shutdown of the facility’s industrial control systems, leading to a loss of productivity and revenue.
The costs of successful cyber-attacks on the energy sector can be enormous, ranging from damage to infrastructure to legal liabilities and regulatory fines. In addition, cyber-attacks on energy systems can have far-reaching consequences, including disruptions to energy supply, environmental disasters, and public safety risks.
To mitigate the risks of cyber-attacks, the energy sector must adopt a comprehensive cybersecurity strategy that includes regular vulnerability assessments, network segmentation, intrusion detection systems, and employee training programs. Energy companies must also prioritize the security of their industrial control systems, which can be particularly vulnerable to cyber-attacks.
In conclusion, the global energy sector must secure its IT estates from cyber-attacks to ensure the continuous supply of energy and protect against the potential consequences of successful attacks. The examples of the 2015 attack on Ukraine’s power grid and the 2019 attack on a US-based natural gas facility highlight the vulnerabilities of the energy sector and the need for enhanced cybersecurity measures. By investing in robust cybersecurity measures and adopting best practices, the energy sector can reduce the risks of cyber-attacks and ensure the safe and secure delivery of energy to consumers.
Healthcare
There have been several high-profile cyber-attacks on healthcare institutions in recent years. In 2017, the WannaCry ransomware attack infected computers in hundreds of hospitals and clinics around the world, disrupting services and compromising patient data. The 2020 ransomware attack on the University of Vermont Health Network in the United States caused significant disruptions to services, including a delay in cancer treatments.
The costs of cyber-attacks on the healthcare sector can be significant, including financial losses, damage to reputation, and legal liabilities. A study by IBM found that the average cost of a data breach for healthcare companies was $7.13 million in 2020. Additionally, a cyber-attack on healthcare IT systems can disrupt critical patient care, leading to potential harm and even fatalities.
In conclusion, it is essential for the healthcare sector to secure their IT estates from cyber-attacks to protect sensitive patient data and maintain the integrity of critical medical systems. The recent examples of successful cyber-attacks on healthcare institutions demonstrate the need for constant vigilance and investment in cybersecurity measures to mitigate the risk of cyber threats.
Government
Recent examples of successful cyber-attacks against government bodies and organizations include the SolarWinds hack in 2020, which targeted multiple US government agencies and private companies, and the Colonial Pipeline ransomware attack in 2021, which caused fuel shortages and significant economic disruption in the United States. These incidents demonstrate the potential for cyber-attacks to cause widespread damage and underscore the importance of strong cybersecurity measures.
The cost of cyber-attacks can be significant for businesses, including lost revenue, damaged reputation, and legal liabilities. According to a study by IBM, the average cost of a data breach in 2020 was $3.86 million. The cost can be even higher for government bodies and organizations, as the impact of a cyber-attack can extend beyond financial losses to include damage to national security, public trust, and diplomatic relationships.
In conclusion, it is critical that governments are secured from cyber-attacks to ensure the protection of sensitive data, maintain the integrity of critical systems, and safeguard national security. The recent examples of successful cyber-attacks against government bodies and organizations serve as a reminder of the need for constant vigilance and investment in cybersecurity measures.
Abatis is uniquely positioned as a cost effective, one time fit proactive security tool. Having been deployed since 2005 by government bodies and critical national infrastructure with no reported breaches, the technology is a perfect fit for large and small government bodies.
Telecommunications
There have been several high-profile cyber-attacks on the telecommunications sector in recent years. In 2020, a DDoS (Distributed Denial of Service) attack on Belgian telecommunications company Proximus caused significant disruptions to their services, including mobile and internet access. In 2021, Chinese hackers were found to be targeting telecommunications companies in Southeast Asia and Europe, stealing sensitive data and compromising their networks.
The costs of cyber-attacks on the telecommunications sector can be substantial, including financial losses, damage to reputation, and legal liabilities. Additionally, a successful cyber-attack on telecommunications infrastructure can have far-reaching consequences, including endangering public safety and compromising national security.
To mitigate the risks of cyber-attacks, telecommunications companies must implement robust cybersecurity measures, including regularly updating software and systems, implementing multi-factor authentication, and segregating networks to minimize the impact of an attack. Additionally, regular cybersecurity training for employees is essential to prevent human error that could lead to a successful cyber-attack.
In conclusion, it is critical for the global telecommunications sector to secure their IT estates from cyber-attacks to ensure uninterrupted communication services, protect sensitive data, and maintain public safety. The recent successful cyber-attacks on the telecommunications sector demonstrate the need for constant vigilance and investment in cybersecurity measures to mitigate the risk of cyber threats.
Retail
The retail sector has experienced several high-profile cyber-attacks in recent years. In 2013, Target suffered a massive data breach that compromised the personal information of more than 40 million customers, including names, addresses, and credit card information. The breach cost Target $162 million in settlements with affected customers and financial institutions.
In 2018, Macy’s suffered a data breach that exposed the personal information of customers, including names, addresses, and credit card information. The breach affected customers who used the retailer’s website between April 26 and June 12, 2018. The cost of the breach is unknown, but it is likely to have caused significant damage to the company’s reputation and resulted in lost revenue.
The costs of cyber-attacks on the retail sector can be substantial, including financial losses, legal liabilities, and damage to reputation. Additionally, a successful cyber-attack on a retailer can result in the loss of customer trust, which can be difficult to regain.
To mitigate the risks of cyber-attacks, retailers must implement robust cybersecurity measures, including regularly updating software and systems, implementing multi-factor authentication, and encrypting sensitive customer data. Additionally, regular cybersecurity training for employees is essential to prevent human error that could lead to a successful cyber-attack.
The retail sector is a prime target for cyber-attacks, and it is critical for retailers to secure their IT infrastructure from cyber threats. The successful cyber-attacks against Target and Macy’s demonstrate the need for constant vigilance and investment in cybersecurity measures to mitigate the risk of cyber threats. Failure to do so can result in significant financial and reputational damage to the sector.
It is worthwhile noting that had Abatis been deployed by Target and/or Macy’s, those specific cyber-attacks would have been thwarted and those companies reputations remained untarnished.
Military
There have been several high-profile cyber-attacks on military systems in recent years. In 2017, the NotPetya malware attack affected several Ukrainian government agencies and military organizations, causing significant disruptions. In 2018, Chinese hackers breached the computer systems of a U.S. Navy contractor and stole sensitive data relating to undersea warfare.
The costs of cyber-attacks on militaries can be enormous, including financial losses, damage to reputation, and a loss of strategic advantage. Additionally, cyber-attacks can cause severe damage to critical infrastructure, such as weapon systems, which can compromise national security and endanger the lives of military personnel.
To mitigate the risks of cyber-attacks, militaries must implement robust cybersecurity measures, including implementing multi-factor authentication, regularly updating software and systems, and segregating networks to minimize the impact of an attack. Additionally, regular cybersecurity training for military personnel is essential to prevent human error that could lead to a successful cyber-attack.
In conclusion, it is critical for militaries to secure their IT infrastructure from cyber-attacks to protect sensitive information, maintain strategic advantage, and ensure the safety of military personnel. The recent successful cyber-attacks on military systems demonstrate the need for constant vigilance and investment in cybersecurity measures to mitigate the risk of cyber threats.
Abatis was commissioned by ArmaSuisse, the Swiss military, to protect its critical infrastructure in 2005. Currently the technology is being trialled by several militaries across a myriad of networks. Abatis is uniquely positioned to secure military networks who use in many cases older legacy operating systems that are out of support or impossible to update. There has never been a reported breach in systems protected by Abatis, neither have any CVE’s been applied.
Financial
The financial sector has experienced several high-profile cyber-attacks in recent years. One of the most notable incidents was the 2017 Equifax data breach, where hackers gained access to the personal information of over 140 million customers. This incident led to significant financial losses for Equifax, including legal fees, settlements, and compensation payments to affected customers.
The 2016 Bangladeshi central bank heist is another example of a successful cyber-attack against the financial sector. In this incident, cybercriminals gained access to the bank’s computer systems and transferred $81 million to accounts in the Philippines. Although the bank was able to recover some of the stolen funds, the incident highlighted the vulnerability of the financial sector to cyber-attacks.
The costs of cyber-attacks on the financial sector can be significant, including financial losses, reputational damage, and legal liabilities. A study by IBM found that the average cost of a data breach for financial services companies was $5.85 million in 2020. It is, therefore, imperative for the financial sector to secure its computer networks and endpoints, including printers, scanners, laptops, desktops, and servers, to mitigate the risk of cyber-attacks and their associated costs.
Industrial Control Systems
The cost of these attacks can be significant, both in terms of the direct financial impact and the damage to the organization’s reputation. The 2017 NotPetya ransomware attack, for example, caused an estimated $10 billion in damages, while the SolarWinds attack is believed to have affected as many as 18,000 organizations, including several US government agencies.
Securing individual industrial control systems from cyber-attacks is therefore critical to ensuring the safety and reliability of critical infrastructure. This can be achieved through a variety of measures, including regular software updates, strong access controls, and employee training. Additionally, endpoint security measures such as intrusion detection and prevention systems (IDPS) and security information and event management (SIEM) can be highly effective in detecting and preventing cyber-attacks on industrial control systems.
By prioritizing cyber security measures, organizations can protect their critical infrastructure from cyber threats and ensure the continuity of essential services.
Abatis is uniquely positioned to protect ICS including Safety Critical environments (SCADA) as it has an extremely light footprint (>100kb) and protects the legacy estate from Microsoft NT4 to present day
Manufacturing
There have been several successful cyber-attacks on manufacturing facilities in recent years. In 2019, a cyber-attack on Norsk Hydro, a global aluminium producer, caused significant disruptions to their operations and resulted in an estimated cost of $52 million. In 2020, Honda, a major automobile manufacturer, experienced a ransomware attack that disrupted production at several of its facilities.
The costs of cyber-attacks on manufacturing facilities can be substantial, including lost productivity, damage to reputation, and legal liabilities. A report by Deloitte found that the average cost of a cyber-attack for the manufacturing sector was $8.2 million in 2019.
In addition to the financial costs, cyber-attacks on manufacturing facilities can also result in safety risks to employees and consumers. A successful attack on ICS can lead to control system failure, which can cause equipment damage and even physical harm to workers.
To mitigate the risks of cyber-attacks, manufacturing companies should implement robust cybersecurity measures, including proactive measures and technologies and segregating networks to minimize the impact of an attack, and implementing multi-factor authentication to prevent unauthorized access. Regular cybersecurity training for employees is also essential to prevent human error that could lead to a successful cyber-attack.
In conclusion, it is essential for the manufacturing sector to secure their production facilities and back-office networks from cyber-attacks. The recent successful attacks on manufacturing facilities demonstrate the need for constant vigilance and investment in cybersecurity measures to mitigate the risk of cyber threats.