BANGALORE, INDIA: Today, governments and enterprises face the enormous threat of military-grade cyber attacks, which most of them are unable to counter with their existing security systems. The scale of these attacks incurs huge losses in the form of loss of confidential information or business downtime.
In an interview with CIOL, Steve Hanna, distinguished engineer with Juniper Networks and co-chairman of Trusted Computing Group, talks about the motives behind military-grade attacks and the steps enterprises have to adopt in dealing with such attacks. Excerpts:
Q: What is your assessment of the present cyber threat landscape?
Steve Hanna: A few years ago, we had individual cyber attackers who used to attack websites for the sake of fame. Over the years, everything has become so dependent on the Internet and networks that they have become the source for carrying out the attacks. A sea of attacks is being carried out on government and industries. The magnitude of attacks is alarming and cyber criminals are stealing large amounts of confidential data from governments through the Internet.
We have to make sure that our computer security systems are properly designed and implemented so that they can protect us against the rising tide of cyber security threats.
Q: What about the Advanced Persistent Threats (APT)?
Steve Hanna: In an APT attack (also called military-grade attack), the attackers have different sets of goals and capabilities. APT attackers are generally sophisticated instead of being hobbyists. The attacker is usually state sponsored. All the nations which have a military presence today have a cyber presence as well to counter the cyber warfare, for both defensive and offensive capabilities. They are not the ones who are sitting around doing nothing; they are all the time developing new forms of attacks and trying them out. The best way to try them is to try them on the enemy. So they deploy the new forms of attacks against political enemies.
In cyber space these kinds of attacks and defense happen every day.
Many of our governments are not prepared to counter such attacks. The same kind of attacks are seen on commercial establishments. Commercial enterprises are not capable of countering military-grade attacks as we have designed our defenses as per the threat landscape of five years ago.
Q: There have been a number of cyber attacks on Indian Government websites particularly from China. How serious is the threat?
Steve Hanna: In India too we have seen a disturbing number of military-grade attacks. Ghost Net and Shadow Net are well-documented attack networks that have been documented by researchers. They found attacks from these networks in the office of the Dalai Lama. The same attackers have also been recorded to have infiltrated Indian government sites and extracted classified information. I am not aware of any documented military attacks on commercial establishments in India. But it can be something happening. The attacks from Ghost Net and Shadow Net had gone on for years before they were actually discovered.
Q: How do you rate networks in terms of their security capabilities?
Steve Hanna: Networks are not easy to attack, because networks generally put a lot of defenses in place to make sure that these networks stay up and uninfected. The organizations I am worried about are the ones for which networks are not central to their business and have not devoted appropriate defenses to defend their network.
Even today there are plenty of organizations which have installed their networks but haven't upgraded their defenses to address the changed security landscape. These kinds of organizations should go to the network companies and ask them to redesign their network and defenses. But this usually does not happen unless there is an attack.
Q: Can you identify the top three challenges in cloud security?
Steve Hanna: There are mainly three issues, including the separation of customers, security measures at the cloud providers' end and integration of systems. A lot of cloud providers, today, have their own standalone security systems and most of them are not integrated with their customers, which can lead to misuse of the companies' assets in the cloud.
Q: What are your suggestions for businesses to counter a possible APT attack?
Steve Hanna: Enterprises have not yet re-designed their defenses to counter the Advanced Persistent Threats. They are persistent, unique and not just a clone of some other attack. They can look for vulnerabilities and write code. When you see these kinds of attacks it's like something you have never seen before. You can't use signature-based approaches for these kinds of attacks. So we need a behavior-based approach and have a co-ordinated defense. Our network defenses have to be as intelligent as our attackers. So we need to have military-grade defense even in commercial places. Otherwise the APT can creep into organizations and infect the systems. And generally it is very difficult to disinfect the machines later.