Diminishing the risk and fallout of network attacks

As the challenges around network security expand and evolve, let’s look at the innovation emerging to defend tomorrow's transport infrastructure from cyberattacks.

In the never-ending battle against cybercrime, one thing that often gets overlooked is that most of the vulnerabilities in data infrastructure lie within the network. Not only is the network the target of the initial intrusion, it is also vital to the recovery – which means that any organization that does not take network security seriously these days is playing with fire.

Unfortunately, assessing network vulnerabilities is often a complex and time-consuming task, particularly in large-scale operations, and the challenge has only grown over the years as the data footprint has pushed out to the cloud and the edge. Even small-to-mid-sized companies are now contending with complex network infrastructure, both wired and wireless, that seems to spawn new attack vectors, even as existing ones are being identified and patched.

Open playing field

According to recent research from Positive Technologies, more than 93% of perimeter networks are vulnerable to intrusion, giving hackers full control of the enterprise’s data infrastructure. This weakness persists across the economic spectrum, including the financial sector, fuel and energy, government, industrial, IT and numerous other fields. Even more disturbing, says research head Ekaterina Kilyusheva, is that these potential breaches enable intruders to execute a wide range of events that are unacceptable to the business model, including disruption of critical technological processes and services, as well as theft of funds and data. In most cases, networks can be penetrated in less than two days and the full attack can be carried out in less than a month – far less time than it takes to discover the breach.

While many organizations try to keep on top of these threats by conducting regular penetration tests, what is really needed is a full vulnerability assessment, says risk management platform developer Reciprocity. A penetration test affords a snapshot of network resilience at a particular moment in time, but a vulnerability test can identify long-term systemic risks to network security. Vulnerabilities can present themselves in many forms, ranging from weaknesses in social network management and aging, unpatched software to misconfigured firewalls and poor authentication and device authorization.

It is important to understand that neither penetration testing nor vulnerability assessment should be performed as a one-and-done event. Rather, the two together, conducted on a regular basis, provide the highest level of protection.

Automation, particularly intelligent automation, is also a significant asset in the pursuit of network health, according to Terry Slattery, principal architect at consulting firm NetCraftsmen. The speed at which data networks and the tools used to break into them are evolving has hit extreme levels in the past few years, and it continues to accelerate. Automation across the entire network management stack not only keeps security policies and processes up to date, it also maintains resource dependencies, inter-network relationships, rapid provisioning and a host of other tasks that, if left undone, create the kinds of gaps that black hats can exploit.

At the same time, automation can also be optimized to trigger incident response mechanisms that can quickly block an intrusion from penetrating too deeply and reroute traffic around affected systems to minimize disruption. And as is the case elsewhere in the data stack, automation can handle the extreme scale of modern data architecture better than even an army of human operators, who deliver higher value when targeted at higher-level strategic initiatives.

As challenging as network security is today, it is likely to pale in comparison to what is about to be unleashed with emerging forms of quantum computing. A quantum attack, which outperforms current binary computing by leveraging various quantum states of matter to generate data, will run circles around traditional means of protection. The good news is that this same technology can be used to shore up those defenses using tools like quantum key distribution (QKD).

With QKD, organizations are able to secure data transport against all kinds of cyberattacks, including quantum-driven ones that can easily crack standard cryptography. By distributing keys in a quantum state, even an attempt to intercept traffic triggers an alarm. To date, one of the key challenges in implementing QKD in production environments was its sensitivity to environmental conditions, but as ADVA and ID Quantique recently demonstrated, it is now possible to implement QKD even over long-haul fiber infrastructure. And just this month, ADVA announced its involvement in three projects aimed at making quantum-safe communication at scale ready for mass deployment in installed fiber infrastructure.
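To make the "interception triggers an alarm" property concrete, here is an added example (not from this article, ADVA or ID Quantique) that simulates BB84, used here as a representative QKD protocol since the article does not name one. It assumes an ideal noiseless channel, and the function names and the 11% alarm threshold are illustrative assumptions.

```python
import random

def bb84_qber(n_qubits, eavesdrop, seed):
    """Simulate BB84 on an ideal channel; return the error rate of the sifted key.

    Each qubit is modelled as (bit, basis). Measuring in the preparation
    basis returns the bit; measuring in the other basis returns a random bit.
    """
    rng = random.Random(seed)  # seeded so the run is reproducible
    sifted = errors = 0
    for _ in range(n_qubits):
        bit, a_basis = rng.getrandbits(1), rng.getrandbits(1)
        q_bit, q_basis = bit, a_basis  # state leaving the sender

        if eavesdrop:
            # Intercept-and-resend: the tap must pick a basis blindly,
            # measure, and re-emit the qubit in the basis it chose.
            e_basis = rng.getrandbits(1)
            e_bit = q_bit if e_basis == q_basis else rng.getrandbits(1)
            q_bit, q_basis = e_bit, e_basis

        b_basis = rng.getrandbits(1)
        b_bit = q_bit if b_basis == q_basis else rng.getrandbits(1)

        # Sifting: keep only positions where sender and receiver bases match.
        if b_basis == a_basis:
            sifted += 1
            errors += b_bit != bit
    return errors / sifted

def link_alarm(qber, threshold=0.11):
    """Abort key generation when the error rate exceeds the threshold.

    The 0.11 value is an assumed, illustrative setting; real systems
    estimate the error rate on a disclosed sample of the sifted key.
    """
    return qber > threshold

if __name__ == "__main__":
    for tapped in (False, True):
        qber = bb84_qber(20000, tapped, seed=1)
        print(f"tapped={tapped} qber={qber:.3f} alarm={link_alarm(qber)}")
```

On the clean link the sifted key has no errors; with the tap in place roughly a quarter of the sifted bits disagree, which is what the endpoints detect.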

Network security is a never-ending game of one-upmanship between the enterprise and the dark web. The nature of data environments requires the continual hardening of network infrastructure as well as the optimization of recovery and restoration processes. There will never be a 100% secure network, but with the right approach enterprises will soon be able to relegate cyberattacks to a low-probability risk with minimal impact to the bottom line.
