APAC CIOOutlook

Advertise

with us

  • Technologies
      • Artificial Intelligence
      • Big Data
      • Blockchain
      • Cloud
      • Digital Transformation
      • Internet of Things
      • Low Code No Code
      • MarTech
      • Mobile Application
      • Security
      • Software Testing
      • Wireless
  • Industries
      • E-Commerce
      • Education
      • Logistics
      • Retail
      • Supply Chain
      • Travel and Hospitality
  • Platforms
      • Microsoft
      • Salesforce
      • SAP
  • Solutions
      • Business Intelligence
      • Cognitive
      • Contact Center
      • CRM
      • Cyber Security
      • Data Center
      • Gamification
      • Procurement
      • Smart City
      • Workflow
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Artificial Intelligence

    Big Data

    Blockchain

    Cloud

    Digital Transformation

    Internet of Things

    Low Code No Code

    MarTech

    Mobile Application

    Security

    Software Testing

    Wireless

  • E-Commerce

    Education

    Logistics

    Retail

    Supply Chain

    Travel and Hospitality

  • Microsoft

    Salesforce

    SAP

  • Business Intelligence

    Cognitive

    Contact Center

    CRM

    Cyber Security

    Data Center

    Gamification

    Procurement

    Smart City

    Workflow

Menu
    • IMS
    • Cyber Security
    • Hotel Management
    • Workflow
    • E-Commerce
    • Business Intelligence
    • MORE
    #

    Apac CIOOutlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIOOutlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    Editor's Pick (1 - 4 of 8)
    left
    Plea for a Resilient Infrastructure

    Pierre Noel,

    Inverting the IT Iceberg

    Chris Miller, CIO, Avanade

    IT Moves to the C-Suite

    Jim Deren,

    Simplified Deployment and Management of Data Center and Network Operations

    Ari Bose, VP & CIO, Brocade

    Evolving Challenges in Information Security Management

    Prashanta Ghoshal, Global Head, ITES, Geometric Ltd

    Revamp Hospitality Business with Technology Alignment

    Vijay Choudhary, GM-IT, HRH Group of Hotels

    Supercomputers and their Changing Landscape

    Dr Pradeep K Sinha, Sr. Director (Corporate Strategy and R&D), Centre for Development of Advanced Computing (C-DAC)

    Hospitality upgradation with Technology

    Khushru Siganporia,

    right

    Critical Infra-structure Protection

    Ken Soh, and CIO and Director,

    Tweet
    content-image

    Ken Soh,

    BH Global Corporation Ltd is today an established group providing a comprehensive suite of solutions that includes supply chain management, design and manufacturing solutions and engineering services to the Marine & Offshore and Oil & Gas industries.

    Cyber Attack - Are we even ready?

    Recently, an ethical hacking group was invited to perform vulnerability tests for a national water dam infra-structure. To the authority’s horror, the group managed to gain access to the dam gate management and control system via the internet within seven hours of intensive “hacking”.

    "The multi-faceted nature of attacks, coupled with freely available malware construction tools has created a highly unpredictable state of affairs even at nation-wide level"

    This means that all the water dam gates could be opened simply by the press of a few buttons if so desired by the hacking group. Today’s cyber security landscapes are unprecedentedly dynamic and complex. The impact of malicious intents has escalated from just enterprise-wide damages to catastrophic possibilities when such acts are targeting at critical infra-structures. The multi-faceted nature of attacks, coupled with freely available malware construction tools has created a highly unpredictable state of affairs even at nation-wide level.

    “Malware” and “Advanced Threat”

    In the past, malwares usually exhibited noticeable symptoms such as slowing down of PCs or crashing of hard-disks. In the cyber security industry, this is termed “noisy threat” because any infection is easily felt and noticeable.Today, more advanced approach, named “Advance Threats” entails malware that sits silently in the infected PC and acting as an agent for a remote “Command and Control” station to steal or manipulate information in the infected PC remotely, even from another end of the globe. Typically, historically discovered “malware” are computed with identifiers named “signatures” that are used for future identification. This is similar to the DNAs of biological viruses. Unfortunately, since “Advance Threats” are typically yet to be discovered, they do not have known “signatures” (or DNAs) and therefore are harder to be discovered and be filtered out by

    main-stream anti-virus tools and measures. Unfortunately, such threats are silent yet lethal. It is akin to the killing risk of carbon-monoxide as it is odorless, and by the time it is discovered, the killing might have been affected and it is too late for any rescue/remedial actions.

    Why is “Advanced Threat” so Dangerous?

    “Advanced Threats” today are not just silent information stealers, they may initiate serious and catastrophic threats that target critical infra-structures such as energy, water and even nuclear plants. A quick Google search on “stuxnet” would explain that. The reality today is, large infra-structures, be it in sea, land or air, are subject to such kind of “soft but potentially fatal” threats unknowingly.

    For example, there were reported cases that a floating oil rig was tilted; and another was stalled for 19 days, both due to infected systems. Separately, Somali pirates today are eavesdropping on vessel navigation information as a means to identify their “fatter” targets. This forces many ships sailing in the piracy-prone zone to turn off their navigation systems, or to use devices to “illegally” report false location information to the global navigation networks. Unfortunately, such “counter-measures” are risky by it for apparent reasons.

    In the past, you download or copy a bad file, and your PC is infected. Today, a PC could be infected silently merely through visiting a malicious web site. The user does not even need to click on anything in the web site to be infected.

    Education is Key

    The community therefore could not stay ignorant of such threats anymore. To re-iterate, there are few elements that business owners should be educated in and aware of:

    Firstly, today’s malwares typically do not perform straightforward attacks like crashing your hard-disk. It stays silent and resident in your system, acting as the agent, responding to a “Command and Control” (C&C) system that may reside in remote PCs in even another country, to easily browse your PC and siphon out files and information of interests. Secondly, the infection process is much more advanced today. You may just be browsing a website, or might open a document file in an email, and because these malware do not get detected easily, they do not bear signatures so they may stay undetected in your PC for a long time. Thirdly, and most seriously, these malwares today may target infra-structural operations.

    The Counter-Measures – A Holistic Approach

    Alongside education, it is important that appropriate processes and tools are put in place, whether it is in the land offices, on-board vessels or off-shore sites. There is no one-size-fit-all solution. The site concerned needs to be accessed by the security specialists so that a fitting solution could be recommended. Over or under sizing of security measures would result in unnecessary spending or inadequate measures respectively.

    While the traditional perspective of people, process, technologymay sound like another outdated and dry reference model, it remains a useful baseline for a holistic and effective cyber security management framework. With the rapid emergence of new and sophisticated malwares, CIOs/CISOs may start to feel the criticality of technology factors over people factors going forward.

    In summary, today, it is essential for organizations to incorporate end-to-end actionable items into their BCM framework. Some of these items include: cyber-attack vulnerability assessment, prevention, detection and incident response framework.

    tag

    cyber attack

    Supply Chain Management

    Weekly Brief

    loading
    ON THE DECK

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Streamlining Operations and Empowering Teams in Facilities Management

    Streamlining Operations and Empowering Teams in Facilities Management

    Shaye Rogers, Workflow Support Manager, Cushman & Wakefield
    Technocreativity: The Synergy Of Technology And Creativity

    Technocreativity: The Synergy Of Technology And Creativity

    Tran Nguyen Phi Long, Group Head Of Retail Marketing, Pnj Group
    Leading It And Digital Transformation At Ikea: Insights From An Industry Veteran

    Leading It And Digital Transformation At Ikea: Insights From An Industry Veteran

    Sigit Triwibowo, Head Of It And Digital, Chief Technology And Digital, Ikea
    Executive Leadership And Digital Transformation In The Global Fashion Industry

    Executive Leadership And Digital Transformation In The Global Fashion Industry

    Eiko Ando, E-Commerce And Digital Director, Pvh Corporation
    Digital Transformation in Fashion Retail - From Efficiency to Experience

    Digital Transformation in Fashion Retail - From Efficiency to Experience

    Le Van, CTO, YODY Fashion
    Driving IT Transformation at Lactalis Australia

    Driving IT Transformation at Lactalis Australia

    Sabina Janstrom, Chief Information Officer, Lactalis Australia
    AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust

    AI Adoption in Hospitality: Striking the Balance Between Innovation, Excellence and Trust

    Phiphat Khanonwet, Head of IT, Onyx Hospitality Group
    The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?

    The AI Rat Race - Keeping Up with New Technologies or Waiting for Maturity?

    Andreas Kurz, Global Head of Digital Transformation, ALFAGOMMA Group
    Loading...
    Copyright © 2025 APAC CIOOutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    Home |  CXO Insights |   Whitepapers |   Subscribe |   Conferences |   Sitemaps |   About us |   Advertise with us |   Editorial Policy |   Feedback Policy |  

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://ims.apacciooutlook.com/cxoinsights/critical-infrastructure-protection-nwid-1070.html