NEWS FROM DSEI: Experts Sound the Alarm About Evolving Cyber Threats
LONDON — While cyber attacks have cost countries, corporations and individuals countless dollars — through theft, ransomware, data loss and disabled networks — they may be even more damaging in the future, experts are warning.
The threat is evolving, putting more systems and people at risk, said retired Vice Adm. Jan Tighe, the U.S. Navy’s former deputy chief of naval operations for information warfare, who now works as a consultant.
An area of cybersecurity that still lacks maturity is protecting physical infrastructure, she noted.
“The industry to defend control systems is really in its early stages of being able to monitor or sense and detect and react to ... bad code or bad instructions coming across” a network, she said during a panel discussion at the Defence and Security Equipment International conference.
Stuxnet, a 2010 computer worm that went after centrifuges in Iran’s Natanz nuclear facility and damaged the country’s nuclear program, is one example of the type of cyber capability that poses a physical danger, Tighe said.
“Stuxnet was … an attack on a control system" not just a digital network, she explained.
Even within the past several years, few solutions for protecting physical infrastructure have emerged, she said.
“There weren't a lot of people who were control systems engineers that understood the types of cyber threats” that could affect their assets, she said. “Building that resiliency into ... the control systems side of the house and looking for ways to assure control systems” from such threats is critical and one of the top challenges, she added.
Additionally, ransomware attacks — where hackers hold data for ransom — may become even more devastating in the future, Tighe said.
“It could morph and evolve into more than just focus on the IT networks and move into the operational technologies, the cyber-physical type of technologies to be able to hold a larger group of people hostage,” she warned. For example, a malicious actor could use the technology to shut down manufacturing capabilities that populations rely on.
The veracity of data is another issue and one that could have physical effects on a person, said Col. Jaak Tarien, director of the NATO Cooperative Cyber Defence Centre of Excellence and a member of the Estonian air force.
“I'm very much worried about data integrity,” he said. “I don't care about people finding out my blood type — it's O-positive. But if I'm unconscious in the hospital and they [need to do a] transfusion, I very much want my medical records to say O-positive, not A-negative.”
Another area of concern is “deepfakes,” artificial intelligence-generated videos that have been manipulated to create false and misleading impressions, Tarien said. They will likely bolster misinformation campaigns in the future, such as those perpetrated by Russia during the 2016 U.S. presidential election.
However, Tarien believes that eventually society will be able to recognize deepfakes as inauthentic.
“We can counter deepfakes because deepfake is enhanced Photoshop,” he said. “When Photoshop came out, we were very, very much convinced. We were like, 'Oh wow, what a photo,' and then we go, 'Oh that's Photoshopped.' So I think we can get to that level” where most people can tell that a video has been altered.
While artificial intelligence has created problems, such as deepfakes, it will also be an important tool for countering cyber attacks, Tighe noted.
“AI specifically in cybersecurity is inevitable. It's really not a choice,” she said.
The large scale of the infrastructure that supports many networks across the globe — as well as the changing nature of the configuration of those networks — will mean that AI must be incorporated into defensive systems, she said.
“The basic premise of [trying to] identify, detect and respond to cyber threats dictates that we have to have some AI-type solutions to be able to have the precision in identifying anomalous behavior, the speed in terms of responding to malicious activity in your network, and the ability to learn as the adversary adapts to your defenses,” she said.
An important task for an AI system will be “to distinguish between what's anomalous and mildly interesting to what is incredibly malicious that needs to be stopped now,” Tighe said.