The cyber attacks targeting critical national infrastructure and other organizations are growing more and more, causing damage that can often be irreparable. However, organizations could stop them before they have an impact. A key condition for this to be possible is for teams responsible for security to better understand and understand their systems and networks. This may sound like a given, but in many cases, hackers have entered corporate systems and networks and remained in them for a long time without being detected. Some of these campaigns include attacks on critical infrastructure, where malicious hackers could cause serious damage. At this point it is important to clarify that hackers are in a strong position, precisely because those responsible for defending systems and networks do not always have a full understanding of what they are managing.
Ο Dmitri Alperovitch, executive chairman of Silverado Policy Accelerator and co-founder and former CTO of CrowdStrike, said people often tend to misinterpret attacks. In particular, he noted that such attacks do not occur at "speed of light", but often take months or years to reach the right level. access in a network, so that they are finally able to carry out a destructive act. This means that deep knowledge of a network as well as the detection Any suspicious or unexpected behavior can significantly contribute to the detection and cessation of attacks. Alperovitch noted that organisms need to spend a lot of time defending themselves in order for it to function effectively.

In particular, he stressed that if organizations look into their systems, look for opponents and have the right perception, they will be able to discover hackers even after they enter the systems, before they do any damage. Knowing what exists in a network has become even more important in recent years, as industrial environments are increasingly linked to and production sensors and monitors. The devices are useful for infrastructure providers, as they allow better monitoring of systems for efficiency, maintenance and repair, but if not managed properly, they could be weaknesses and make it easier for the intruder to access the network.
Annessa McKenzie, VP IT and CSO at Calpine, an American power company, said it was important to do precautionary testing. He also stressed that there should be a better understanding of a network so that its defender can manage it as soon as possible. infringement, as well as after. According to McKenzie, when there is no complete awareness of what exactly is going on in systems and networks, it can take days, weeks or even months for a response to a breach to occur, and it is often not clear what is really going on. He added that organizations should try to think like hackers. That is, to think about the network and how an attack could be exploited while the teams security they could reveal unexpected means that hackers could use to exploit the network. In addition, with the availability of suitable tools and with expertise, government intervention could help strengthen cybersecurity in critical infrastructure by providing an environment for organizations to share information about attacks and optimal practices to protect networks.

Michael Chertoff, a former U.S. Secretary of Homeland Security and co-founder and CEO of the Chertoff Group (a security and risk consulting firm), said they could create a platform for companies to exchange best practices and help and perhaps even host some kind of common ability to respond publicly and privately. He also stressed that the responsibility for security should not be borne only by infrastructure providers or other organizations, but that companies that manufacture specialized systems and connected spare parts used in these environments should also bear some responsibility, if proven. that they are inherently insecure or vulnerable to cyber attacks. Through a combination of this and a good knowledge of what a network looks like, infrastructure and utility providers can go a long way in preventing invasion campaigns and cyberattacks. But it certainly takes a lot of time and work to make it possible. Finally, Alperovitch said that defenders have a great advantage if they know their environment better than the opponent. However, this is not the case if an organization does not have the right tools and capabilities.