Page 46: of Maritime Logistics Professional Magazine (Jul/Aug 2017)
PORTS & INFRASTRUCTURE
Read this page in Pdf, Flash or Html5 edition of Jul/Aug 2017 Maritime Logistics Professional Magazine
Port Security
THE NEXT
PEARL HARBOR “The potential for the next Pearl Harbor could very well be a cyber-attack.” – Leon Panetta, former CIA Director, addressing US Congress, 2011.
By Gordon McKeown
Consider the barrage of high profle data security failures in
Danger Signs
There were warning signs before 9/11, above all the rising recent years, including: onslaught of attacks viewed as a trend. The Aden Hotels in • 2012: Shamoon malware demolishes vast IT estates 1992, the 1993 World Trade Centre bombing, the foiled attack in Saudi Arabia on President Clinton in Manila in 1996, the Mostar Car Bomb- • 2013: Dark Seoul brings down ATM’s and television ing in 1997, the US Embassy bombings in Dar es Salaam and networks in South Korea
Nairobi in 1998, the Somali and Afghan Civil Wars throughout • 2014: Black Energy switches off the power in Ukraine the 90’s and Al Qaeda’s involvement in them and in Kosovo. • 2015: US Democratic National Committee is
All lead indicators of danger, harbingers of the next Pearl Har- famously hacked bor. Sixteen years later, what is the next Pearl Harbor. • 2016: Mirai bots overwhelms high profle websites
When everything is connected to everything, do you need including Twitter to physically hijack an aircraft to damage it? Do you need to • 2017: UK NHS Wannacry Ransomware assault plant a bomb on a gas pipeline to cause an explosion? Would you need to physically break into an electricity substation to There’s the trend, but if we’re looking for the next Pearl disrupt the power supply and cause a blackout? No, you could Harbor we need to fnd a ‘proof of concept’ that moves from do these things using malware. the digital domain into real world destruction. We’re looking for a cyber weapon.
Malware
A Brief Taxonomy of Malware
There are two lead indicators that point to Leon Panetta’s prediction coming true: “Somebody just used a new weapon and this weapon will not be put back in the box,” Michael Hayden, former NSA 1. The trend of relentless hacking and malware. Director, speaking in a television interview about Stuxnet.
Everything connected is being tested constantly by For completeness, we should also mention hacking: using malicious actors. It’s asymmetric war out there. XSS or SQL injection to maliciously change (hack) software 2. The proven threat from malware designed to cause code, usually in a website. The goal is often to get at the database physical damage to equipment and infrastructure. behind the site as in the TalkTalk hack in 2016. Technically, 46 Maritime Logistics Professional July/August 2017 | |