When it comes to security, nothing is 100 percent foolproof. While many carriers protect themselves against a wide variety of cyberthreats, the recent West Coast outages caused when underground cables were cut have brought physical security into question. It’s also opening the door for providers to review their own physical security measures to avoid learning the hard way, and even tout it as a differentiator for customers.
There could be a silver lining to physical attacks in the form of a new business opportunity, said Chris Poe, chief innovation officer of Atrion Networking, a Warwick, R.I.-based IT solution provider and Level 3 partner. Poe noted that it will be interesting to see if providers could find ways to beef up their own physical security across transmission lines and leverage those upgrades as a differentiator.
Andrew Pryfogle, senior vice president of cloud transformation for Petaluma, Calif.-based Intelisys, said he believes that many end customers would be more than willing to pay for the assurance that their carrier networks offer higher levels of protection and security than the competition. “A well-timed and well-placed attack on fiber assets could have devastating affect. That fear … could absolutely be leveraged into a big competitive advantage for a carrier that seizes on that opportunity,” he said.
But just how vulnerable is a carrier’s infrastructure to a physical attack? According to Pryfogle, many carriers already take extraordinary measures to protect their fiber networks. AT&T, for example, monitors its physical network 24/7, and the carrier houses its equipment in secure facilities, he said.
Still, thousands of miles of cable can’t be protected against every vulnerability. “When designing a fiber network, you have to take into account the eventuality of a fiber cut, regardless of the cause,” Pryfogle said.
Bryan Sartin, director of the RISK team at Verizon Enterprise Solutions, said that physical attacks are unique because they are indicative of an emerging — and disturbing — trend toward activism. “Activist attacks are more about deny, disrupt, [and] destroy, and to do that, they have critical infrastructure in their crosshairs,” he said. “Cyberattacks aren’t the only game in town, and activist attacks are where we are seeing the real growth [in this type of threat],” he noted, referring to Verizon’s 2015 data breach investigations report.
There are many motivations for physical attacks, including revenge, political gain and even religious reasons, he said. Unlike cyberattacks, physical disruptions can also happen purely by mistake when cables are accidently disturbed.
While physical attacks are often considered less sophisticated than their cyberattack counterparts, they do require manpower. There are layers of physical security measures necessary to shield the fiber, which is usually very well secured and located where special access is typically required to reach the infrastructure. “Think of the different layers of crowdsourcing of different actors that have to be involved or the social engineering that’s involved to pull this [kind of attack] off,” Sartin said.
Sartin declined to comment on Verizon’s physical security measures around its infrastructure.
Like end customers, channel partners usually don’t have insight into the security measures a carrier has in place to protect their infrastructure. But given the current security landscape and the different threats that are emerging, additional training and security are needed, said Dennis Kellam, vice president of sales for Unified Connection, a Melville, N.Y.-based Verizon-exclusive partner. “Given cost, [however,] this won’t happen. Banks don’t pay for guards until after they are robbed,” he said.
View the original content and more from this author here: http://ift.tt/1D3YFJT
from critical infrastructure alliance http://ift.tt/1GbtEDV
via IFTTT
No comments:
Post a Comment