AI Elevates Cyber Threat to New Level

The recent World Cybersecurity Congress in London painted a picture of a world that could be entering into a new era of cyber attacks and warfare. While describing it as apocalyptic could be veering slightly on the dramatic, there is little doubt that the cyber war in many ways has only just began. Given satellite’s vital position in terms of critical infrastructure, it seems a question of “when” rather than “if” the industry suffers from a major cyber attack.

Despite the imminent warnings of the threats facing enterprises, it seems there is still a degree of complacency at the board level regarding the seriousness of the cyber threat. Jennifer Rigby, CIO of London-based insurance market Lloyds, was one of the key speakers of the event. She said in the first six months of 2017, there were close to 2 billion records compromised, and that the economic consequences of such disasters were accelerating. Rigby believes the cyber attacks could ultimately cause the same type of damage as a natural disaster.

“92 percent of businesses have experienced a cyber breach in the past five years. Only 42 percent were worried they would have another one in the future. We see some recognition from CEOs but also a complacency. However, this is rising up on the boardroom agenda. We have seen companies like Maersk get hit. The cost of that [to Maersk] was $300 million. Businesses need to really prepare themselves. We are looking for an overarching culture of security. It means governance and security are there. The cyber insurance market has really grown,” she said.

One of the main speakers at our CyberSat event last year in Washington, D.C. was Darktrace, one of the new breed of cyber companies that is at the frontline of defending enterprises from security attacks. Dave Palmer, director of technology at Darktrace said the era of hacking through firewalls “was largely dead” and that the whole perception of a hacker as being a hooded teenager in the bedroom is “no longer relevant.”

The new threat to businesses and satellite companies is far more frightening. He said that Artificial Intelligence (AI) supercharged spear phishing is “now imminent.” So, what does this mean? Palmer talked of how malware could understand how you talk to different people, from colleagues and friends to partners, and effectively mimic your tone in emails, making it far more difficult to stop, as there may only be subtle things that could point to the fact it is a malicious email.

Palmer says criminal networks are not using AI because it is “super trendy” but because it solves a resource problem and enables them to target high value organizations. He pointed out some verticals that could be seen as strong targets: hackers are starting to target video-conferencing rooms in law firms, and have set their sights on oil and gas companies as well. Palmer said that, while turning off an oil rig is a possibility, there were other things that could be done where the impact could be huge and take a long time for companies to notice they had been attacked. He said we are at an era where new criminal network business models will emerge.

It seemed the concept of AI as it relates to cyber was one of the major themes of the event. Mark Testoni, CEO of SAP, said companies are now looking to put “brains” within your networks. While it can be a source for good, there is no doubt it will be used by others in a not so good way. The lack of cyber awareness is also a major issue that Testoni flagged up. “In the United States, we have a dearth of awareness. We need to educate the public of those 15 billion devices. They are part of the threat landscape. Education on cyber hygiene is so important. There is a need for public and private collaboration,” he said.

In the world of cybersecurity, Kaspersky is one of the most polarizing players on the landscape. The company, which has a Russian heritage, is one of the main defenders of enterprises across the globe. Given its Russian intelligence roots, not everybody is a fan. However, when the company speaks on cybersecurity, people do listen.

Anton Shingarev, vice president of Kaspersky’s public affairs, likened the history of cybersecurity to the history of nuclear physics. Historically, it was a small community but nation states soon realized the power of nuclear, and now something similar is happening in terms of cyberspace.

So, certain trends in cybersecurity are starting to take shape. “There is a need for critical infrastructure protection. The next trend we see is protectionism. We are seeing a stimulation of domestic companies. There is an enforcement of foreign companies to collaborate. We are seeing a squeezing out of foreign companies from domestic markets. There is also a militarization of cyberspace. This is now an alarming trend. More than 30 countries have announced they have military cyber divisions. There is legislative pressure on software developers,” said Shingarev.

He pointed to recent cyber laws enacted by the governments of China and Singapore. There has also been a recent Russian Executive Order in February related to cyber. The lack of cooperation in the fight against cyber attacks is also another worrying trend. “There is a crisis of trust as a result of leaks. There is an underdevelopment of international legislation. There is also a geopolitical freeze. The world is moving in the world of protectionism. We must find a way to cooperate,” said Shingarev.

Adam Maskatiya, general manager of Kaspersky Lab UK and Ireland, said companies need to wake up to the threat now. He said companies may not have been hacked yet, but that they should “fix the roof while the sun is shining.”

Kaspersky looks at 360,000 unique samples of malware every day, according to Maskatiya. Attacks can come from anywhere into an organization and with data being the new oil, they will increase.

David Emm, who works on Kaspersky’s global research and analysis team, pointed to the recent Olympic Destroyer malware that hit winter resorts and other organizations. He added that the Olympic Destroyer malware didn’t hit just Olympic facilities, but other victims too. Emm also highlighted the healthcare industry as “particularly vulnerable” to both Internet of Things (IOT) exposure and Advanced Persistent Threat (APT) attacks. Medical devices are connected and are open to attack, he said.

Emm described Wannacry as a wake-up call for enterprises. “It showed the cyber community just how open businesses are to attack. The success of those attacks has shown the criminals they are vulnerable,” he added.

Emm also bought up connected transportation, which as we know is an market where the satellite industry is deeply immersed in. “There are lots of sensors in the vehicle. They will be targeted. We are now in the era of professional cyber espionage,” he said.

All companies are getting involved in the frontline of protection. Verizon, for example, has recently launched The Verizon Risk Report as it looks to help its clients protect themselves better. Bryan Sartin, executive director of global security services for Verizon Enterprise Solutions said there is a need for transformation in the enterprise.

“What we are seeing is a shift in mindset. Basic security is no longer sufficient, a shift in thinking is required. There is a thinking you have to assume a security breach. You are responsible for your data, whether it is in your network or outside of it. In the event of a brand-damaging incident, security is ultimately a top-down leadership role. You need to balance legal and reputational risk. You have to talk about cyber risk. The building block is shifting,” he said.

There is little doubt that the threat to satellite companies is only getting bigger. The attacks are getting more sophisticated and it is clear that criminal organizations and networks will use AI in increasingly creative ways to get into organizations. In this feature, we have discussed connected transportation, healthcare companies, oil and gas companies — all industries that the satellite is looking to serve. It also goes without saying that a major hack of a satellite network would create huge headlines throughout the world. The industry, with its complex networks of assets on the ground and in the sky, must counter these threats head on. Whether we will see some kind of cyber apocalypse remains to be seen, but we are entering into a pretty terrifying new era, and one which will take a great deal of cooperation and skill to navigate. VS