
Nation states won’t bother with backdoors — they’re more likely to walk through the front entrance

Mike Beck, global head of threat analysis at Darktrace, believes that while organisations are busy fretting about nation state back doors, they'll miss the real cyber threats.

The move to limit Huawei to “non core” parts of critical infrastructure signals the UK’s efforts to manage cyber risk to national critical infrastructure and the country’s most sensitive data. The idea is that if the Chinese are going to spy on the UK, they will most likely do this by planting “back doors” — deliberate security holes — into core parts of 5G infrastructure (the bits where communication is being processed). If we keep their kit out of these areas, then we foil the main method of state-sponsored hackers. But the reality is, nation state hackers often just walk through the front door.

GCHQ’s Huawei Cyber Security Evaluation Centre (HCSEC) has been scouring Huawei hardware since 2010, checking every Huawei device destined for use in the UK for backdoors. Whilst the software vulnerabilities that plague all technology have been found, there is no sign of any hole that can be conclusively categorised as a deliberately or maliciously planted “back door”.

Backdoors are a legitimate cyber security concern — you can bet your bottom dollar that if state-sponsored hackers manage to plant them into technology without anyone noticing, they will exploit them. GCHQ’s efforts to uncover backdoors are welcome, but they are not enough to keep us safe from nation state attacks.


Nations are unlikely to rely on planting backdoors as their primary method of entry because efforts like the HCSEC can expose holes in hardware relatively easily, and once exposed, attribution is hardly difficult. Consider the case in question: should the Centre find planted backdoors on Huawei hardware, they would know exactly where to point the finger – the game would be up far too quickly. Advanced persistent threats are masters of the long game.

In reality, state-sponsored attackers launch multi-step campaigns, testing several routes, known and novel, to gain access and wipe away their footprints. Once inside, they try to remain undetected for prolonged periods of time, slowly stealing the most valued data or gaining enough knowledge to cause widespread disruption.

What’s more, the most advanced and persistent threats exploit accidental vulnerabilities, often beginning with social engineering techniques and using creative and continuous hacking techniques to gain access to critical systems and, critically, remain undetected.


State-sponsored hackers don’t need to plant backdoors, because they increasingly make do with the front entrance. The 2015 attack on Ukraine’s power grid that plunged a community into darkness combined the exploitation of known accidental vulnerabilities with spear phishing — spoof emails sent to employees with malicious Word documents secretly attached. This attack method is more favourable because it is so targeted. Increasingly, we are seeing state-sponsored hackers develop initial access by bribing or blackmailing employees who hold the keys to powerful admin credentials, or even by gaining physical access to their target premises.

It is precisely the creativity of nation state attackers that has led to a shift towards the continuous monitoring of risk across globally distributed networks, made up of multiple third parties across the world, using artificial intelligence. The number of entry points and potential movements that must be analysed is simply too high for human security teams; for a growing number of government bodies across the world, behavioural AI systems now do the heavy lifting, understanding and pre-empting the decisions of adversaries at a speed and scale that humans cannot match.

Banning Huawei from the parts of 5G infrastructure where sensitive data lies is an attempt to manage the risk of state-sponsored attacks on critical infrastructure. But to focus the main efforts of our national security strategy on banning one supplier from sensitive parts of the network and scrutinising all of their hardware for carefully planted backdoors leaves us unable to see the wood for the trees.

The bottom line is — we can’t really predict where hackers will poke and prod next in the hope of gaining access to the nation’s critical data and infrastructure. They may plant backdoors – and dismantling every bit of kit will go some way to defending against this technique — but this is just one of a plethora of ways they can get in. Relying on humans taking apart bits of one vendor’s kit and patching vulnerabilities will not be enough to fight this unpredictable threat; our infrastructure must be able to defend itself.

Written by Mike Beck, global head of threat analysis at Darktrace
