In a recent article at Yahoo! Finance, Michael Chertoff is quoted as saying that cyber attacks are “the biggest threat we currently face” as a nation. Chertoff, former Homeland Security Secretary and now-Chairman of the The Chertoff Group, went on to suggest that “this [threat] is not going away unless we do something about it.”
We here at Bayshore Networks completely agree.
Just one day after the Chertoff interview was published, the Christian Science Monitor and a number of other outlets reported that a major cyber attack aimed at natural gas pipeline companies was currently underway. These stories underline what we’ve been saying for a very long time: current approaches to cyber security just don’t work.
It’s encouraging that these attacks have been discovered, and that ICS-CERT and DHS have put out multiple “Amber Alerts” in order to notify natural gas pipeline sector companies. But – as of this writing – the attacks have still not been mitigated according to reports. In fact, it’s been reported that these particular attacks began back in December of last year, nearly six months later. The Monitor article tells us the attack “type” has been identified as “a single campaign from a single source” adding that it appears to be a “sophisticated ‘spear-phishing’ campaign”. These types of attacks are nothing new in Enterprise IT, but what IS fairly new is the list of targets; critical infrastructure.
Bayshore Networks has long suggested that Layer 3 products have their place, and they did their limited job of catching and reporting these new attacks here, but only Layer 7 technology such as Bayshore’s SingleKey&trade Firewall and SingleKey&trade SCADA Firewall, deployed directly into the network traffic and working directly with Applications, are able to block these attacks and prevent them from ever reaching their targets.