When Worlds Collide: The Impact of Cyber Threats Crossing Over to the Physical World

A recent article in Information Age, titled “As the digital and physical worlds collide it’s time for a security refresh,” offers cybersecurity readiness advice from Mike East, CrowdStrike’s vice president for EMEA. The article, written by Nick Ismail, argues that as cyber threats continue to evolve, organizations must have the people, training and technology to respond in kind.

Although many may assert that the digital world is replacing the physical, the article explains that a more realistic perspective is that the two worlds are coming together, creating challenges for which many organizations simply aren’t prepared. In the case of cybercrime, the article states that it isn’t displacing physical acts of crime; the two are occurring in concert. Criminals who might once have used explosives to cripple critical infrastructure, such as transportation, power grids or water systems, may be able to achieve their goals remotely by attacking the computers that operate those systems, incurring less risk in the process.

To support this premise, the article cites two recent events: an attack on the Ukrainian power grid, and the Iranian hack of a New York dam. The power grid attack successfully compromised the information systems of three Ukrainian energy distribution companies, temporarily disrupting power for a significant number of consumers. In the New York attack, hackers were able to break into the command and control system of the Bowman Avenue Dam in Westchester County in 2013 via a cellular modem. This gave them control that could have allowed them to release millions of gallons of water behind the dam. However, the dam sluice gates had been manually disconnected for maintenance just as the hackers gained entry, so their plans were thwarted. In each of these cases, the entry gained via digital means enabled potentially destructive physical actions.

In light of these frightening scenarios, East suggests several steps organizations can take to help them be better prepared to prevent cyberattacks:

  • Gain visibility into the threats you face: You need visibility into the complete range of threats facing your organization, considering the rate at which new variants are emerging. This visibility is critical because the stakes are so high: many organizations not only risk losing their valuable data, they also face the possibility of physical damage to property and people.
  • Know your adversary: Attack vectors can change rapidly, but the adversaries behind the attacks don’t. Whether it’s an organized crime group, a nation state, or a hacktivist organization, having the intelligence needed to understand your adversaries is a critical part of future-proofing your cybersecurity. The article stresses that understanding who your adversary is and what they’re after is essential to mounting an effective defense.
  • Understand what’s being exploited: Once you know your adversary and their objectives, it’s critical to identify what your most valuable digital assets are and where they reside. As computing power and scope expand in an organization, the potential for damage when an adversary successfully commandeers your systems can increase exponentially. In addition, the growth of the IoT (internet of things) presents a wide range of new attack vectors. Along with the sheer volume of connected devices, potential vulnerabilities have increased because many advanced systems and instruments in the IoT were developed without adequate security considerations. This could create a life-or-death situation if, for instance, a connected medical device were hacked.

CrowdStrike instantly improves security posture

The CrowdStrike Falcon® platform protects organizations from an increasingly challenging and complex threat environment where failing to stop an attack can have catastrophic consequences. For an independent review of the Falcon platform’s threat prevention performance and capabilities, please read SANS Review of CrowdStrike: A New Era in Endpoint Protection.
