Guest blog: Written by Professor Aaron Jones, University of Advancing Technology
The top information security trends of 2021 will be industrial control systems in relation to critical infrastructure and supply chain security. We know that India suffered a targeted cyber attack of their Kudankulam Nuclear Power Plan in 2019 and Pakistan suffered a Netwalker ransomware attack on their power supplier K-Electric. The famous solar winds attack is a good representation of failed supply chain security.
Increased tensions globally will continue to fan the flames of cyber warfare. It can be very difficult to directly target a government or military entity and such attacks provide a tremendous risk of retaliation. The best alternative is to simply feign ignorance and blame criminal actors while using tools such as ransomware to disrupt the electrical grid or to destroy manufacturing capabilities of your target.
I do not have a crystal ball and I cannot see into the future, but I can infer from previous attacks that have been found to be successful that we will see attackers continue to target the supply chain of manufacturers as well as software developers and critical infrastructure. These attacks work and they get results and that is the most important aspect of conducting an attack. Any individual who may be concerned about cyber attacks can enhance their security by employing two tools. The first tool is a network intrusion detection system. Snort is a good choice. This allows you to monitor your network for abnormal activity but does require some level of technical acumen and you must also figure out what an appropriate baseline looks like.
The second set of tools you can use are known as source code analysis tools. There are many different tools designed for source code analysis and it will require that you know what languages you are using to find the right one. Individuals who do web development using PHP might be well served by the tool phpstan. Regardless of the tool you choose, the concepts are the same. You want a tool that will assist you in verifying the integrity and quality of your code while also looking for common mistakes.
ABOUT THE AUTHOR
Professor Aaron Jones is the lead cyber instructor at the University of Advancing Technology, a recognized leader in innovation and technology education, among a select few 100% STEM-based universities in the nation. In addition to being a highly skilled software developer who currently creates applications for law enforcement, he iis also an AZ POST certified general instructor as well as a public speaker. He earned a B.Sc., in Computer Information Systems from Park University in 2013 and an M.A., in Intelligence Analysis with a focus in Cyber Security from the American Military University in 2014. He has been the recipient of recognition from the El Paso Police Department, State Of Texas, Texas Military Forces, Chandler Police Department, and others.
Jones is also active in the community as the founder of the Phoenix Linux Users Group Cyber Security Meetup and regularly teaches members of the public a myriad of topics related to Cyber Security. His audience includes students, teachers, law enforcement, military, government officials, and concerned members of the public with a strong desire to learn what is going on in the world of technology.
Visit www.aztechcouncil.org/tech-events to view all of the Council’s upcoming virtual tech networking opportunities, engaging virtual tech events and in-person tech events.