As global events, including pandemics and wars, disturb the peace in the world, cyber threats have a great opportunity to evolve and become more sophisticated.
Companies of every size are becoming more vulnerable to cyberattacks. A single missed opportunity to fight back against a threat might lead to a long-term impact on the organization’s digital and overall safety. This creates a need for more complex cybersecurity solutions to protect critical network operations.
To review the importance of applying cybersecurity measures before a cyber incident happens, Cybernews reached out to Srini Mirmira, the President of Blue Ridge Networks – a company that specializes in zero-trust security solutions.
Let’s go back to the very beginning. How did it all start for Blue Ridge Networks?
Before PCs, before the Internet, and before Ethernet, Network Systems Corporation designed and built very high-speed local area networks for supercomputers and mainframes. These networks potentially included dozens of computers from many different manufacturers. Customers interconnected their site networks with leased lines or high-speed satellites.
As the networks grew, large customers wanted ways to limit access to network subsets without physically disconnecting the computers. With encouragement from their NSA customer, Network Systems developed the BorderGuard. This network appliance could selectively encrypt network data packets for private communications over large-scale shared networks.
Network Systems Corporation was acquired by Storage Technology Corporation (StorageTek) in 1995. Although BorderGuard was a successful product line, StorageTek decided they were not interested in network security solutions. The core BorderGuard engineering and marketing team negotiated a spin-out of the technology and founded Blue Ridge Networks in 1997.
Can you introduce us to what you do? What are your main fields of focus?
Blue Ridge Networks provides Zero Breach™ for Zero-Trust environments. Our LinkGuard™ and AppGuard breach prevention solutions are field-proven to resiliently protect critical network assets, operations, and endpoints before a breach occurs. They deploy, integrate, and are compatible with existing and future IT/OT infrastructure to protect critical operations with efficiency as well as a low total cost of ownership.
Blue Ridge’s three main market verticals are critical infrastructure (water/waste-water management, oil & gas, petrochemicals, healthcare (HIPAA compliance), etc.), federal and state government (for classified operations), and retail (PCI compliance). LinkGuard, which is an overlay cybersecurity solution, is ideally suited to protect networks and devices deployed on these networks in the aforementioned markets. AppGuard, which is a holistic endpoint (workstations, servers, and devices that operate on Windows) cybersecurity solution, adopts effective policy management to prevent cyberattacks. LinkGuard and AppGuard complement each other, and it is noteworthy that neither solution has ever been breached.
In your opinion, what are the most concerning problems that critical infrastructure businesses face today?
Critical infrastructure assets provide essential services to our society. These include systems focused on energy, water/wastewater, transportation, healthcare, communications, and others. Critical infrastructure assets are vulnerable to both physical and cyber threats. Moreover, they are interdependent, and an attack on one can have a direct impact on others. Threats can include natural events and human-induced threats, especially cyberattacks.
Cyber defenses deployed for critical infrastructure systems have increased, but the attackers and their capabilities have become far more sophisticated and dedicated to their missions. The list of cyber threats continues to increase rapidly with new individual, private, and state hackers at work.
Do you think the recent global events will have an influence on the nature of cyberattacks? Have you noticed any new types of threats?
Absolutely. A recent alert from the FBI, CISA, and NSA warns critical infrastructure providers of increased targeted cyberattacks from Russian state-sponsored cyber operations. The alert noted that advanced persistent threat (APT) actors have been conducting multi-year espionage campaigns that use brute-force tactics and spear-phishing against global enterprises and cloud environments. They have successfully exploited long-term access to target networks using legitimate, stolen credentials and have targeted OT and ICS networks with destructive malware.
New threat delivery approaches have adopted a cyber-physical tactic where businesses in the transportation and defense industries have been mailed packages containing USB devices that deploy ransomware.
How does ensuring cybersecurity differ for government entities versus businesses?
Cybersecurity professionals in government entities develop policies and procedures that can be applied across multiple industries. They frequently focus on protecting networks, systems, and data associated with their organizational structure as well as those associated with national security, government contracting facilities, and critical infrastructure resources. Cybersecurity personnel work within larger teams to protect internal data as well as provide industry insights and recommendations.
As hackers evolve sophisticated mechanisms for data exfiltration, private industry data and infrastructure security has become a major priority. Cybersecurity teams in the private sector are typically focused on their own company and industry and the associated cyber threats. Companies must protect their data such as budgets, sales forecasts, vendor information as well as sensitive customer data. In addition, companies that operate critical infrastructure (utilities, petrochemicals, transportation, etc.) need to ensure that cyberattacks do not result in loss of essential services, environmental damage, and human life. The consequences of breaches can be catastrophic to the company’s reputation and future. Successful security programs in the private industry must ensure that security measures protect the company resources but do not interfere with operations that are required to generate revenue.
How do you think cybercrime is going to evolve as organizations start to take cybersecurity more seriously?
Attackers will continue to target businesses and individuals that have gaps in their cyber defenses. As organizations expand their defenses against cybercrime, the attackers are also adopting new cyber-physical techniques to more effectively target critical infrastructure systems. While cyber defense needs to be on all the time, the attackers need to succeed only once. Furthermore, these new attacks not only cause outages but can result in fatalities. New reports suggest that soon, attackers will have weaponized a critical infrastructure cyber-physical system (CPS) to successfully harm or kill humans.
What security measures do you think are a must not only for critical infrastructure companies but for every organization nowadays?
Every organization should ensure that its high-value assets and business continuity priorities are well established in advance. They should secure mission-critical backups offline. They should also review their network segmentation in enterprise IT systems, high-value cyber-physical systems, and OT and mission-critical environments. Personnel reporting and emergency communications plans for IT and OT environments should be up to date with offline copies. Lastly, and possibly most importantly, organizations should adopt a cyber defense-in-depth strategy. That is, organizations should deploy cybersecurity solutions that complement each other – thereby more effectively protecting against diverse types of cyberattacks.
Talking about average Internet users, what tools or practices do you think everyone should adopt?
It is estimated that cyberattacks affect one-third of the US population. Almost half of these correspond to phishing attacks. Primary concerns of individuals include financial account hacking, identity theft, social media compromise, home device hacking, and medical record exfiltration.
At a minimum, all Internet users should adopt the following:
- Install an end-point cybersecurity solution that prevents compromise
- Keep software products and operating systems up to date by regularly applying patches
- Change passwords frequently
- Don’t click on suspicious links in emails
- Don’t trust emails based on the sender, as the sender may be spoofed
- Don’t launch attachments from emails (file-based malware)
- Don’t visit websites with questionable security
- Don’t store credentials on devices that are not secure
- Make offline backups of their data files
- Access public Wi-Fi networks via a VPN
And finally, what’s next for Blue Ridge Networks?
Blue Ridge Networks will continue to serve its existing and future government and private sector customers with dedication by providing them with best-in-class cybersecurity solutions. Furthermore, to enable more widespread deployment of both LinkGuard and AppGuard, Blue Ridge Networks seeks to partner with Managed Service Providers who would integrate Blue Ridge’s cybersecurity solutions with other products and services required by larger enterprises. On the product development front, Blue Ridge has embarked upon incorporating a “Cloud” based LinkGuard offering as well as developing specialized edge devices that meet the needs of disparate industries. Finally, in the not-so-distant future, Blue Ridge plans to miniaturize the LinkGuard solution to enable embedding its zero-breach security into OEM products.