Why Cyber Warfare Should Be on Your Security Radar Screen
Here on the Next Level Network Blog, we’ve talked about many and varied cyber threats from online crooks out to separate you from your money or to access data that can help them steal from others. When a cyber attack comes from a nation state actor, however, the motivation is far different. Then it’s cyber warfare, intended to disrupt political and other systems in order to weaken or destroy another government. Cyber warfare isn’t a thing of the future. It’s here now. The time is now to talk about cyber warfare and security for your business.
In its semi-annual 'Threat Horizon' report that includes 2019, the nonprofit Information Security Forum, an association that researches and analyzes security and risk management issues, predicts that within the next two years, nation states and other groups will seek new ways of causing widespread disruption, including power outages and, as a result, Internet outages at the local or even regional level. Given our dependence on Internet connectivity at all levels of our businesses, it’s obvious that such disruption will be very costly, if not disastrous, to many companies.
But let’s not wait to see what might happen down the road. We can take a look at what’s already happening. The Center for Strategic and International Studies (CSIS) is a bipartisan, nonprofit policy research organization that provides strategic insights and policy solutions to decision-makers. CSIS tracks and posts significant cyber incidents on its website. For just the first half of August 2019, it has uncovered five significant incidents. One of them is chilling and right out of the headlines.
CSIS states that: A previously unidentified Chinese espionage group was found to have worked since 2012 to gather data from foreign firms in industries identified as strategic priorities by the Chinese government, including telecommunications, healthcare, semiconductor manufacturing, and machine learning. The group was also active in the theft of virtual currencies and the monitoring of dissidents in Hong Kong.
In November of 2018 CSIS posted that: Security researchers reported that Russian hackers impersonating U.S. State Department officials attempted to gain access to the computer systems of military and law enforcement agencies, defense contractors, and media companies.
Sounds war-like to us. Unfortunately, unlike conventional warfare, there are no rules of war with cyber warfare; and it doesn’t take an army. Widespread damage can be inflicted by lone combatants who target government and military offices, industrial control systems, financial organizations, health care providers, transportation networks and other infrastructure with out-of-date, poorly-maintained and often un-patchable systems.
Given these and other realities of hacking and misinformation campaigns, very little has been done among governments and multi-national companies to develop rules and norms of cyber warfare. In April 2018, in an unprecedented move, the U.S. Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the UK’s National Cyber Security Centre (NCSC) issued a joint ‘Technical Alert’ about malicious cyber activity carried out by the Russian Government. This same collaborative has also issued statements warning of similar activity by Chinese technology companies.
These efforts can hopefully form some groundwork for further, more broad-based agreement on definitions of and suitable responses to acts of cyber warfare.
In the meantime, what can companies do to defend themselves? Here’s a short list of priorities:
- Either directly or through professional associations you join, raise your concerns and let elected officials know that you expect them to act to protect our information infrastructure at the national, state and local levels. Additionally, through these organizations and officials, establish some standardized responses and alternate operating methods in the event of service interruptions.
- Have a robust and evolving business technology and disaster recovery plan. Determine how you will keep your business going in the event of a power and/or connectivity disruption.
- Meticulously maintain your technology infrastructure, including installing all patches and backing up data religiously – preferably in real-time. This will help you stave off the lone nation state bad actor, as well as get you up and running quickly when a power/connectivity interruption is over.
- Train, train, train users of your technology and communications systems on how to avoid inadvertent participation in hacking schemes.
If you’d like to speak with Soundshore Technology Group’s cyber security and disaster recovery experts, send an email to firstname.lastname@example.org. We’ll be happy to help. While you’re here, please take a look at our full list of cyber security services – growing as we help more and more companies defend themselves against very real and increasing cyberattack threats.