How to hunt down cyber threats?
As the economy and critical infrastructures have strongly become dependent on computer networks and ICT solutions, technology and cooperation will be key elements to face the fast-evolving cybersecurity threats. With quantum computing on the horizon, the entire security chain is at risk including public infrastructures, blockchain-based systems, and encrypted data.
Hence the importance of getting a comprehensive overview of existing security vulnerabilities: it will be a strategic and serious competitive advantage in the future. This is what international cyber experts discussed on stage last June 29, at ICT Spring.
For the occasion, The Blockhouse Technology Managing Director – Luxembourg Petra Krizan served as Master of Ceremonies for the Protector Conference morning session. In her opening speech, she reminded how “our world is interconnected like never before”. As the power of technology is transforming our lives, bringing along various benefits and opportunities, it is yet important to bear in mind that this advancement is also synonymous with an ever-growing threat landscape.
Gathering some of the brightest minds, industry experts, and cybersecurity enthusiasts, the mission of the session was twofold: to understand the challenges we face and to explore innovative strategies in hunting down these threats.
Building a cyber defense strategy
World-famous hacker, cybersecurity expert, author and international keynote speaker Bryan Seely started the ball rolling and explained how he proceeded to attack the FBI and Secret Service. An incredible story as, instead of being caught, the Secret Service called him a hero and praised his courage and integrity. This said, he went on arguing that C-Levels are generally the first to be targeted, as they control important business activities. In this case, not only hackers attack C-Levels’ professional accounts, but also go through personal ways – such as the family. From buying credentials in dark web marketplaces, phishing emails, to data brokers or rogue access points, hackers have their own tactics to achieve their aims. Hence the importance of defending our private information as much as professional ones, and of course businesses as a whole. Seely left the attendees on one of his intriguing sayings: “The primary reason you haven’t been hacked yet, is that there are not enough hackers”.
It makes clear that data protection constitutes a major priority for businesses and, actually, for anyone. Head of the SIGCOM Research Group at University of Luxembourg SnT Prof. Symeon Chatzinotas presented how to protect high value data in transit. He gave insights on quantum communications, and more precisely on what is done at national-scale. In this scope, he presented the LUXQCI project, which aims at designing the country’s national Quantum Computing Infrastructure (QCI), integrating both terrestrial – for the national ecosystem – and space-based – to reach other countries across Europe – quantum key distribution into an innovative hybrid key management system. The idea would then be to integrate this QCI with other European QCI initiatives. Another further objective Chatzinotas mentioned is the one of transforming the QCI into a Quantum Internet, linking quantum processors and sensors, so as to enable an EU-wide distributed quantum computing and communication capacity.
Chatzinotas’ keynote speech was followed by a roundtable discussion on how to hunt down emerging and future cyber threats, hosted by Ferrero Global Head of Cyber Defense Filip Nowak. When it comes to emerging threats, University of South Brittany Cybersecurity Innovation Engineer Jack Noel referred to the last report of the European Union Agency for Cybersecurity (ENISA) on Cyber Threats which lists 10 major threats – including skills shortage. “It said we need more competencies, more people who know about cybersecurity”, he said. This hence places universities at the forefront as they must train students and do research on how to stand against future threats. On his side, Agenzia per la Cybersicurezza Nazionale Data Protection Officer Stefano Marzocchi highlighted another major threat, which is privacy. He stressed that it is “necessary to invest much more time and resources in implementing a new vision on cybersecurity and privacy”.
“There is no remedy for everything but I believe a change of mindset is needed” – Michela Lecce, Cybersecurity Technical Specialist (Microsoft, Women for Security)
As University of South Brittany Professor of Computer Science Salah Sadou reminded, innovation and new technologies are double-edged. As great innovation (notably digitalization) can be, it expands the surface attack, the vulnerabilities – which inevitably creates new threats. Michela Lecce noted that there is a real business behind cybersecurity attacks (cf. crime-as-a-service). And with the current geopolitical situation, these technologies are used to influence, to carry a message: hackers use them as tactical means to achieve their goals, and this results in a rise of threats such as hacktivism, for instance.
“We need to really change the approach in how we create awareness” – Stefano Marzocchi, Data Protection Officer (Agenzia per la Cybersicurezza Nazionale)
Lecce further stated that cybersecurity is often seen as an obstacle to business, when it is actually an enabler. In order to benefit from this, it is necessary to collaborate with agencies, universities, and other stakeholders, so as to attain a holistic approach. “There is no simple solution but I believe that everything starts with the mindset of everybody, not just those working in cybersecurity”, she added. Jack completed by underlining that “in cybersecurity, everything is about awareness and education”. Stefano further reminded that, “if we are advanced in digital, we need to be advanced in security, otherwise everything is falling down”.
Josef Grill then introduced WEDOS, which he founded in 2010. It is currently one of the fastest growing IT companies in the Czech Republic, with an international reach. For now, it owns two private data centers in Hluboká nad Vltavou, and has over 315 thousand customers worldwide. To note that the entire WEDOS Global infrastructure consists of 1500 physical servers and connectivity of over 2.5 Tbps. Customers can rely on this infrastructure to load their sites faster (with anycast DNS) and protect themselves from DDoS attacks at the L3, L4, and L7 layers. WEDOS Global has existed since 2022, and is already ranked in the top 10 in Europe.
What about neutrality in cybersecurity? Factors such as geopolitical, Covid, globalization, have been accelerating horizontalization that is occurring around the world. Head of delegation cyberspace at the International Committee of the Red Cross Mika Lauhde explained that there are certain recent trends, influenced by geographical or economic situations for instance, that are not available everywhere – encompassing digital solutions and new technologies. This causes a real gap between some countries which are really advanced in terms of digital transformation, and other countries that are lagging behind. At his level, Lauhde aims to create cybersecurity which would be neutral. What does it mean? It is not all about fairness and impartiality, but also about integrity and availability of the technologies. The latter should be guaranteed to everybody instead of a few countries having the monopoly, leaving the other countries behind.
On his side, Chrome Enterprise Browser Specialist EMEA Oliver Madden pointed out that cybersecurity also depends on the browser. The latter has become “a critical part of security layers”, notably as 71% of cloud workers’ time on a device is spent on a browser or in virtual meetings. Hybrid work has also become a norm in most companies since the Covid-19 outbreak, this means that most workers are working out of the business secure network. In this context, it proves important to recall that security remains a huge challenge for organizations as cyber attacks are becoming more sophisticated than ever before – notably ransomware or malware that are costing people and organizations a lot more.
“54% of businesses say that cyberattacks are too advanced for their IT team to handle on their own” – Oliver Madden, Browser Specialist EMEA (Chrome Enterprise)
This said, Madden stated that the browser’s role has evolved from an access point to an important endpoint. In fact, “the browser has now become a sophisticated part of our security layer and we need to trust it, and use it as such”, he specified. What is secure enterprise browsing? It encompasses for instance security built into the browser, customizable policies to manage and secure your browser, real-time protection against external and internal threats, or visibility into potential web-based threats. Overall, secure enterprise browsing protects users regardless of where and how they work, especially when the workforce is hybrid and remote.
The future of cybersecurity lies in collaboration within the industry… and beyond!
Luxembourg House of Cybersecurity CEO Pascal Steichen made clear that all current and emerging technologies, such as AI or quantum computing, cannot exist without cybersecurity. “Digital and cyber are like two faces of the same coin”, he added. Cyber is yet not only about technology; over the last few years, it has evolved out of technology. On the one hand, there are the legal aspects: notably “the tsunami of EU regulations coming along when it comes to cybersecurity”. On the other hand, there are the social aspects of cybersecurity: human beings need to remain at the forefront. And political aspects are also progressively coming out: a lot of attacks are “state-sponsored” and, in this case, there needs to be international solutions.
Steichen referred to two specific ongoing projects at the United Nations (UN). First, there is the Ad Hoc Committee to Elaborate a Comprehensive International Convention on Countering the Use of Information and Communications Technologies for Criminal Purposes. This initiative focuses on sovereignty and human rights as it impels States to align with other UN conventions when dealing with cybercrime. “This will create an internationally recognized definition of cyber threats”, he commented. The text is expected to be published next January 2024.
Second, there is the UN General Assembly established an Open-Ended Working Group on Security of/and/in the Use of Information and Communication Technologies. It is specifically about all types of cybersecurity, the idea being to create an international framework on responsible behaviors in cyberspace – being the norms, rules, and principles, that each State should follow when it comes to cybersecurity. So far, 11 norms have been elaborated which consists in a list of do’s and don’ts. A conclusion of this work is expected in 2025.
On a national-level now, POST Luxembourg Head of Information Olivier Antoine and Luxcontrol Chief Innovation Officer Sébastien Weiland talked about safeguarding SMBs in the Digital Era during a fireside chat. The occasion for them to announce that both companies have joined forces to help Small and Medium Businesses (SMBs) in improving their level of information security maturity. In this sense, they created the Cyberscore label, a tool to evaluate and improve their security level – notably when it comes to cyber threats. Antoine emphasized that “a recent Accenture cybercrime study reveals that 43% of cyber attacks are targeting SMBs”. This hence points out that SMBs must be more vigilant and better equipped to defend themselves against cyber threats.
Weiland explained that a common approach for SMBs would be to apply CIS Critical Security Controls so as to ensure an effective cyber defense. The latter is based on a realistic and pragmatic solution which defines defenses against known cyber attacks. It also provides actionable tasks in clear language and allows checking compliance with ISO 27001:22. Coming back to the Cyberscore, which will be available in September, its ultimate objective is to establish a “state of the art” minimum requirement to ensure that every aspect is taken into account. The idea behind is to reach the luxembourgish landscape in supporting SMBs.
As another announcement that occurred during ICT Spring, Bertrand Lathoud officially announced the launch of National Cybersecurity Competence Center (NC3) of Luxembourg, of which he is the Head. NC3 is actually the result of the merger of two previous departments from Securitymadein.lu (now Luxembourg House of Cybersecurity), which were known as CASES and C3. Concretely, the mission of this center is to support the national ecosystem in building and improving cybersecurity competence and capacity, so as to develop the cybersecurity industrial base in the country, and strengthen the strategic autonomy of the European Union.
Luxinnovation Head of Sector Development – Digital Economy David Foy discussed the Luxembourg data strategy, which is based on three main pillars: boosting and assuring digital infrastructure capacity (data centers, satellite connectivity, fiber…); ensuring a strong regulatory environment; making sure we have the right support infrastructure set up (incubators, accelerators, research institutions…). And this is what Luxinnovation does, it helps companies coming to Luxembourg grow and enter the European market. Besides, Luxinnovation works on several national projects such as High-Performance Computing (HPC), National Cloud so as to for instance secure on demand cloud services for the business in Luxembourg, and National Data Exchange – a data collaboration platform safe and secure for research and business.
To finish off the morning session on Cyber Threats, Luxinnovation Defense Industry Coordinator Alexander Link, who presented the mission of Luxinnovation from the industry side. One of the missions and responsibilities of the organization is to integrate the Luxembourg industry into the EU Defence Value Chain via initiatives and programs supported by national and European institutions,including the Luxembourg Directorate of Defence and NATO. He highlighted that one of the key objectives of the Luxembourg industry is to explore commercial and R&D opportunities which the European Defence Fund can provide in order to diversify and let the know-how and defense capability technologies mature.