Criminal cyber-attacks have been an issue for decades, but in recent years this concept has evolved to a level where cyber-warfare is a very real concern for national infrastructure and defence. Whilst commercial cyber-attacks are estimated to cost the global economy over US $6 trillion a year (Source: Herjavec Group 2017 Cyber Crime Report), targeted cyber-warfare can be even more damaging and potentially deadly.

 

Grave consequences - Government departments, intelligence services, military organisations, financial organisations, nuclear facilities and commercial businesses with valuable intellectual property will all have stringent measures in place to mitigate physical and cybersecurity threats independently. Yet, they are often oblivious to the danger of leaving even a closed fibre network unprotected from physical attack. 

 

Any data network, be it civilian or military, is only as strong as its weakest link. As such, the asset owners can be potentially exposed to the threat of state-on-state action, terrorism and industrial espionage, as well as incidents without motive without even recognising their vulnerability.

 

Multiple threats - With low-cost and readily available technology that requires little expertise, it is possible for an agenda-driven individual, or state-sponsored team to tap and infiltrate a network at the fibre optic level, harvesting data without raising the alarm or leaving an evidence trail. 

 

Any data breach is of grave concern, but those that pass undetected for any length of time raise the stakes significantly. What’s more, in some instances fibre optic networks run across vast distances, meaning there could be tens of thousands of potential entry points for attack.

 

Intrusion detection - Effective detection of threats is vital for network security but implementing additional processing or encryption of the data to do so has a significantly detrimental impact on bandwidth and latency, thus negating a major benefit of using fibre networks in the first place. 

 

Unlike the widely used data encryption and protection schemes used to protect data in transit, Ava Group is pioneering a solution that does not involve manipulation or processing of the data streams, but rather protects against physical intrusion of the fibre optic connection, thus avoiding third-party access to the data and the potential for introducing additional vulnerabilities. 

 

This technology has recently been implemented in a fibre optic intrusion detection and location solution as part of a US $11 million project for The Ministry of Defence in India. The Ministry has the responsibility to protect its closed user group data network, which is one of the largest in the world and used by more than one million military personnel. The project is expected to be delivered in phases over a 15-month period, but the solution is beginning to strengthen the network from day-one of the installation.

 

The data network infrastructure protection solution developed by Future Fibre Technologies does not see or process the data, cannot access it and there is no requirement for encryption. Consequently, the network infrastructure is fully protected at every point and crucially, performance is unaffected. Another major benefit of this approach is that the deployment is completed with zero network downtime and can be rolled out across live infrastructure utilising dark fibres within existing cabling. 

 

Understanding the threats - Until recently there seems to have been a lack of focus on the security of networks by physical security operators, but I believe we are starting to see big improvements and this trend needs to continue.

A move towards improved cybersecurity standards of networked products will undoubtedly aid consumer choice, whilst adopting a lifecycle approach to network security will help ensure systems evolve ahead of threats rather than simply reacting to them.

 

Total protection - Protecting fibre optic data connections can be likened to protecting a physical perimeter fence. Whilst it guards your assets within it is also at the frontline of potential attacks. Therefore, it is essential to ensure it is always protected and monitored on a continual basis, ensuring no unauthorised access occurs and nothing can be removed without permission.

 

By ensuring that every part of your network as well as any devices connected to it are secured, it is much harder for malicious entities to take advantage of any inherent weaknesses and much easier for your security measures to do their job effectively. This holistic approach to network security adds an extra layer of protection which can be vital when the state and its population are potentially at risk. 

 

By Kevin Berry, Head of Information Security at Ava Group