Cybersecurity Concerns in the Public Sector: A Canary in the Coalmine
Recently, the Department for Education came under fire when some of the laptops given out in England to support vulnerable children during lockdown contained malware. This incident may not have dominated headlines, but it is a canary in the coalmine for the ongoing concerns around national cyber security.
At first glance, this incident may not seem particularly notable. It does not appear to be a targeted attack, but rather the result of improper laptop refurbishment. Gamarue, the malware reported to be installed on the computers, is a common strain that has been around for over nine years. It is likely that this was residue left behind by a previous attack, and that human error was at play. However, this incident raises yet more alarm bells about the vulnerabilities in the government’s network of suppliers.
Complex Global Supply Chains: A Source of Vulnerability
Complex global supply chains offer those with criminal intent many points of vulnerability that may be tested in the pursuit of compromising the systems or equipment that the public rely on. We saw this in 2018, when 380,000 credit cards were breached due to a vulnerability in a third-party web plugin used to process card data at British Airways. The airline consequently faced the biggest GDPR fine in British history.
The Rise of Supply Chain Attacks
This time, hardware was the source of compromise, but we know all too well from the recent SolarWinds Orion attack that software too can be poisoned. An attack which laid bare the vulnerability of even the most equipped national superpowers in the face of well-resourced and creative cyber adversaries, SolarWinds evidenced a simple truism: today, attackers have many places to hide – the complexity of a global supply chain is their friend.
The Pervasive Risk of Supply Chain Compromise
Supply chain attacks are virtually impossible to detect with standard security tools and procedures, because the malicious software is packaged as legitimate, sits inside the laptop or software you already rely on, and is delivered into the heart of your organisation by trusted suppliers.
The Urgent Need for Supply Chain Risk Management
The problem that must be tackled by governments and businesses is not so much an audit of all their suppliers, but how to manage the pervasive risk that suppliers from all over the world bring. Too many organisations feel blind to what’s going on in their own systems – let alone the risk that their suppliers and partners might introduce.
The Role of Artificial Intelligence in Cybersecurity
The good news is that the UK is in a strong position to face this challenge head-on. Artificial intelligence, built in Britain, is making major steps forward in this area – detecting the most subtle anomalies in critical systems that might point to a supply chain compromise. Given the ever-increasing scale and complexity of digital environments, it is rapidly becoming critical for cyber security teams across the public and private sector to leverage technologies like AI that can not only detect and investigate, but crucially respond to malicious activity within the network.
Conclusion
This approach shifts attention to the critical issue at hand: understanding and constantly enforcing ‘normal’ digital behaviour. With an understanding of evolving ‘normal’ activity, we will be better equipped to disrupt and stop attacks at the earliest signs of compromise.
Frequently Asked Questions
- How can organizations manage the risk that suppliers bring?
  - Leverage technologies like AI to detect and respond to malicious activity within the network.
- How can organizations detect supply chain attacks?
  - Use AI-powered tools to detect the most subtle anomalies in critical systems that might point to a supply chain compromise.
- What is the role of AI in cybersecurity?
  - It is rapidly becoming critical for cyber security teams to leverage technologies like AI that can not only detect and investigate, but crucially respond to malicious activity within the network.