Asymmetric Cyber Warfare, introduced in my previous article, poses an especially challenging threat to today’s businesses. Companies that have a well-established security policy in place typically only address what are known as linear-based attacks. In a linear attack, a single Cyberattacker launches just one threat variant into one main point of entry. But today’s Security Policies now need to be quickly updated in order to combat the new norm of non-linear Asymmetric Cyberattacks, in which multiple Cyberattackers go against numerous vulnerabilities at differing times of attack.
How can a business defend itself against Asymmetric Cyberattacks? Here are some key strategies that can be implemented:
1) Conduct a thorough Risk Assessment.
Traditional risk assessment frameworks often lay out a strategy in which you and your IT Security team map out both your company’s digital and physical assets. You then examine the vulnerabilities of each asset and, using a numerical categorization scheme, you assign a severity rating to each. Of course, those assets which are the most vulnerable will have the highest score and will thus receive the most attention when it comes to protection. But now, it is time to think backwards. You and your team also need to evaluate those assets that are the least vulnerable and apply the right set of controls to protect them as well. Remember, in an Asymmetric Cyberattack, the hacker will go after what is most vulnerable, not what is the best fortified. In other words, your risk assessment should take a holistic, multilateral view of all of your assets, rather than the usual unilateral approach.
2) Make use of more advanced tools.
Yes, the traditional tools like Firewalls, Routers, and Network Intrusion devices can provide an effective level of protection for your business, but given today’s Cyber Threat Landscape, it is crucial that your IT Security Team kicks your existing arsenal up a notch (or even more, if possible). In this regard, you should seriously consider the use of both Machine Learning (ML) and Artificial Intelligence (AI) tools. These newer types of technology are advanced enough that they model the newer threat variants by taking into account both the strongest and weakest links in your Security Chain. In other words, they can learn from past attack signatures and predict newer attacks that may be evolving, especially from the nation state threat actors.
3) Protect both the internal and external environments.
The most traditional means of Cybersecurity has always been, and unfortunately continues to be, based upon the concept of what is known as “Perimeter Security.” Simply put, this is where only one line of defense is used to protect the business from external threats, based upon a geometrical circumference. It is now time to extend that circle to protect your assets from the internal environment as well, by breaking up your entire IT and Network Infrastructure into different micro-segments, or “Subnets.” Each subnet will then have its own defense mechanisms. The bottom line here is that Asymmetric Cyberwarfare can also emerge from insider threats, especially if you have a rogue, third-party employee such as a contractor.
This article series has examined what Asymmetric Cyberwarfare is, and some ways in which you can protect your business against it. At the current time, the other best line of defense you can adopt is the Zero Trust Framework, in which absolutely nobody is trusted. Everyone, including employees, must be authenticated through at least three layers of defense.