Technology, cyber attacks are both on the rise

General Michael Hayden, former director of the CIA and the NSA, addressed the advances of technology and cyber attacks at the PAS 2018 Optics conference and said cybersecurity is a new domain and is vulnerable because security is an afterthought.
By Gregory Hale, ISSSource May 30, 2018

Technology is advancing across all industries and it is making them smarter and more agile, but attack vectors are also on the rise, which means industry leaders need to understand who and what they are facing.

"The faster we go, the more ‘behinder’ we get," said General Michael Hayden, principal at the Chertoff Group and former director of the CIA and the NSA, during his keynote address at the PAS 2018 Optics conference in Houston. "What is good for business is sometimes bad for business."

Hayden, while not talking directly about the manufacturing automation industry, was able to spin some general thoughts about cybersecurity applicable for everyone.

Speaking in a more military vernacular, Hayden said cybersecurity is now a new domain, it is an operational theater like land, sea, air and space.

The catch is, he said, when it comes to the Internet, "Security was an afterthought. It is still an add-on. The architecture was not designed to protect data.

"While the good guys are coming to grips with that, he said there are three other elements that are taking advantage of the Internet’s flaws:

  • Nation-states
  • Criminal gangs
  • Hacktivists.

"These big actors could in one scenario or another come after you," Hayden said. "All three are capable."

Nation-states are the most powerful of the threat groups. If your company is a target, they will get in. They are well funded and well-staffed. He did say, yes, nation-states are considered bad guys, but the U.S. also goes after information.

"We steal other people’s information," he said. "I like to think we are number one. We steal data internationally, not nationally."

The other main group is criminal gangs. Hayden said the center of gravity for these groups is mainly located in post-Soviet space.

The other group, according to Hayden, are hacktivists.

"This is a group that should concern you because these people are disaffected. They can come after you because you are there."Some signs Hayden said they have been seeing lately are attackers:

  • Stealing your stuff
  • Corrupting your stuff
  • Hurting your network
  • Creating physical destruction.

Hayden also talked about an attack against critical infrastructure that happened about eight years ago and that was Stuxnet.

"It was a peacetime attack on a critical infrastructure; Stuxnet crossed the Rubicon and crossed the threshold," he said. "Stuxnet was an unsheathing of a weapon and in human history says once we take it out we don’t put the weapon back in the sheath."

Gregory Hale is the editor and founder of Industrial Safety and Security Source (ISSSource.com), a news and information Website covering safety and security issues in the manufacturing automation sector. This content originally appeared on ISSSource.com. ISSSource is a CFE Media content partner. Edited by Chris Vavra, production editor, CFE Media, cvavra@cfemedia.com.

ONLINE extra

See related stories from ISSSource linked below.