
The latest cyberattacks on the United States demonstrate that anti-virus software is not doing its job of protecting digital intelligent infrastructure.

As was pointed out in my article at the beginning of this year: “We are prepared to go into battle with 1,000s of tanks, hundreds of planes costing billions of dollars, and some very fast ships that have evolved from designs from half a century ago or more, but when it comes to software-based cyberattacks, we are far behind some of our potential enemies out there. Today’s software capabilities used in anti-virus and cyber-defense do not cover all the possibilities in cyber threats and attacks within electronic warfare.”

It’s time to attain “global net superiority,” a concept I defined in a whitepaper for the American Intelligence Journal.

Cloud computing, the Internet of Things (IoT), the Internet of Everything (IoE), 5G networks, FirstNet (the First Responder Network Authority), and other cutting-edge concepts will not materialize successfully if their supporting intelligent infrastructure is not solid and resilient against cyberattacks. Gaping holes, ineffective threat-intelligence tools, lack of adherence to organizational security policies, and no sense of urgency in applying upgrades and patches to anti-virus software will guarantee failure.

In the asymmetrical warfare approach of the electronic age, D-Day has become D-Microsecond.

With new hardware platforms like HFT (high-frequency trading) servers, the speed of war has accelerated to the microsecond, if not the nanosecond. Welcome to the accelerated pace of “electronic jihad.”

“Hit the Beach!” is now “Hit the Grid!” when it comes to charging fortified electronic defenses today.

The Blitzkrieg (the Nazi lightning-war strategy) of the Second World War rendered much of the previous generation’s warfare obsolete; in the same way, new software-based weapons (Stuxnet, Flame, Nimda, and other malware) have made many traditional weapons systems, defense platforms, and war strategies obsolete.

Trojan horses, worms, viruses, denial-of-service (DoS) attacks, and other destructive malware weapons do not need huge supporting logistics or long timeframes to coordinate and assemble before they “Hit the Beach!” They can be sent off in less than a microsecond along an electronic pathway to multiple selected targets to cripple the grid, the new warzone of the digital age. And they can be synchronized to hit several hundred times a minute, if not more.

A question to ask all military branches, government agencies, and civilian corporate data centers and server farms: “Are your electronic assets fully protected?” They are not, according to the latest security studies.

When it comes to cyberattacks, pessimists would say it is not a matter of if the military or an organization will get hacked, but a matter of when. These pessimists may be considered realists as we see more significant cyber events unfolding.

Today’s anti-virus and cyber-defense tools are clearly not mature or comprehensive enough to detect every breach scenario. All tools need to improve and broaden their effectiveness, as nothing yet has attained a full capability to uncover, let alone block, all attacks.

As stated at the beginning of this year, “With more people putting their money into bitcoin and other cryptocurrencies and their recent surge in value, they are also a very ripe target and susceptible to cyberattacks. We need to increase cyber-defenses to protect not only physical assets but electronic assets as well.” Cryptocurrencies are also at risk.

The ability to synchronize multiple attacks against thousands of locations, with precision timing down to the microsecond, are just two key parameters that give a totally different definition of what a focused attack can accomplish in a targeted, asymmetrical, electronic war.

Defining, and Defending Against, Security Threats: The Last 9%

In the annual 2017 Verizon Data Breach Investigations Report, their research revealed that “Upwards of 90% of all real-world incidents fall into just 9 basic patterns when you slice through all the fear, uncertainty and doubt that’s so common in the cybersecurity narrative.”

In one respect, that was a great starting point to build rigorous cyber defenses. You could cover 90% of all the different approaches following their research and conclusions, but what about the other 10% that is left?

In the American Intelligence Journal in 2017, my whitepaper, “NANOKRIEG: Attaining Global Net Superiority,” observed that when you are looking at cybersecurity, a 10% gap in security is totally unacceptable. Even one percent would probably be considered too large a gap, but if you can cover 90% of that final 10%, you would be well above anything currently in place.

No system is 100% secure. “Always-on 100% resiliency” is not attainable. The goal should be to add that last 9% (the 90% of the final 10%) of cyber defenses that would block attacks. That is attaining global net superiority.

The bad news from the 2020 Verizon Data Breach Investigations Report is that the last 10% has grown: more incidents cannot be filtered into those nine basic patterns. Since the inception of the report, the numbers reveal that 94% of security incidents and 88% of data breaches fell neatly into one of the original nine patterns (categories). However, when the focus is narrowed to just the latest year’s data (the 2020 report), the percentages drop to 85% of security incidents and 78% of data breaches.

When it comes to cybersecurity software today, we are relying on a digital Maginot Line created by those who think it is impenetrable. It isn’t.

When looking at a threat, we need to understand how motivated the attackers are. If the attackers are amateurs, often called “script kiddies,” they are going to go after the “low-hanging fruit”: the security measures that users have left weak or unused. In many organizations, those safeguards are disregarded by some of the system’s users. Non-compliance with an organization’s safeguards definitely weakens the actual level of security and makes it susceptible even to amateur hackers.

Creating an Impermeable Defense

These should be today’s goals for every organization concerned about improving its cyber-defenses.

First, ensure all critical electronics are covered with some type of defensive shielding, like a Faraday shield, in order to negate the effects of an electromagnetic pulse (EMP).

Second, create global net superiority capability within all networked-computer installations. Impermeable defenses would negate most rogue attacks. Remember, nothing is 100% secure or reliable; we can only strive to get close to that 100% goal.

Third, know the basics, practice the basics, and make sure you have 100% participation in and adherence to security policies in your organization.

Fourth, what other safeguards can be developed? Can we build something to send directly back to the source of the malware? It is easier said than done, because attackers can use a third party’s host computer or server to launch the attack.

You need to be able to find the true originator of the attack and not the host server they have commandeered as an intermediary; striking back at that host would hit another victim, not the attacker. That takes some sophisticated intelligence, but it does not rule it out.

Fifth, if you decide to use a third-party security firm or cloud services, you must ensure they institute a quality program to support your applications.

We need to move forward in these areas because others are moving forward in cyberwarfare as well. We have yet to establish global net superiority and that should be the primary mission across all military, government and civilian organizations for intelligent infrastructure.

In light of the recent discussions about Russians hacking into our election process, the questions become: “Are we susceptible to a broader cyberattack on intelligent infrastructure?” “How much would we lose in a real cyberattack?” “What are the damages, and when can we return to normalcy?”

These are the questions that should be discussed with the president as well as other key cabinet secretaries, the NSA, the DHS, and the Pentagon.

That discussion should be forthcoming as a high priority and arranged to be on an ongoing basis.

James Carlini is a strategist for mission critical networks, technology, and intelligent infrastructure. Since 1986, he has been president of Carlini and Associates. Besides being an author, keynote speaker, and strategic consultant on large mission critical networks including the planning and design for the Chicago 911 center, the Chicago Mercantile Exchange trading floor networks, and the international network for GLOBEX, he has served as an adjunct faculty member at Northwestern University.