+
EDITOR’S QUESTION
RYAN TROST,
CO-FOUNDER AND CTO,
THREATQUOTIENT
A
sharper concentration of cloud
attacks. Companies continue to
flock to cloud deployments, both
private and public, to regain budget and
unburden their IT departments. Teams
have slightly more control and oversight
over private cloud deployments but the
public multi-tenant cloud deployments are
target rich for an attacker. No need for the
adversary to enumerate their prey when they
can infiltrate the ‘entire herd’. By studying
how a single cloud technology operates
from infrastructure to defences, adversaries
become more efficient and significantly
decrease their attack costs. rely heavily on older infrastructure and
technology and are infrequently updated to
the latest security levels.
Most adversaries are driven by financial
gains and a significant operating metric
for them revolves around their operational
costs. Very similar to our defensive budgets,
adversaries must weigh their operating costs
against their potential profits. Therefore,
their motivation to gain access to cloud
environments provide an exponential
financial gain. But as manufacturers live and die by product
branding, the importance for a company
to comply with criminal demands warrants
a lofty ransom threat. I predict 2020 will
see at least one high-value OT network get
infiltrated and held for ransom.
I am not saying ‘all’ cloud deployments are
doomed but security teams must absolutely
have a voice at the table when deciding
‘which’ cloud environment. Security teams
must evaluate and scrutinise cloud security
practices to ensure due diligence is being
performed by the vendor – for instance,
ensuring the cloud vendor is undergoing
routine penetration tests and not only
resolving any weaknesses identified but
asking how quickly their security team is
identifying the penetration test.
An Operational Technology line will
fall victim to a ransomware threat.
Operational Technology networks are
the primary lifesource for oil, gas and
energy companies, as well as, massive
manufacturing industries such as
automotive. These environments typically
www.intelligentcio.com
/////////////////
Often, OT networks are overlooked because
they don’t have the traditional weak points
most organisations are defending for two
primary reasons:
1. They generally are not connected to the
Internet and
2. Do not have the high number of end-users
who are susceptible to crafty email spear
phish attacks or ‘click-happy’ websurfing
Staggering surge of botnet armies. Botnet
armies are nothing new; however, as endpoint
devices in households become ‘connected’
and schools provide each individual student
with personal computing devices, it opens the
doors for widespread takeover.
I can appreciate the benefits of every single
student having a tablet (or equivalent) for
schooling. However, I struggle to find the
legitimacy of why my refrigerator needs
an Internet connection, or for that matter,
a video conferencing feature. As with any
botnet army, the individual devices don’t hold
any real threat value but when controlled in
the masses they provide a formidable attack
mechanism for cybercriminals.
Whether used for computation resources
(think brute forcing passwords) or used to
launch denial of service attacks against a
target, the volume of botnet armies will
surely increase exponentially.
“
I PREDICT 2020
WILL SEE AT
LEAST ONE
HIGH-VALUE OT
NETWORK GET
INFILTRATED
AND HELD FOR
RANSOM.
INTELLIGENTCIO
31