Cyber Wars: New threats enterprises have to deal with

Cyber Wars: New threats enterprises have to deal with

The threat landscape will get complicated in the coming years with both state and non-state actors waging cyber wars. Enterprises and governments will have to increasingly collaborate to secure information assets.

Cyber warfare is moving to the next level. Countries are investing massive resources in building cyber armies with offensive capabilities to target enemy assets. They have the potential to bring down Internet networks, financial systems, infrastructure, and utilities. Many countries are considering cyber wars as it is a cheaper way of bringing an enemy state to its knees than a conventional war. Cyber attacks can be done in stealth and it’s hard to prove whether a state or a non-state entity has been responsible for the attacks.

Cyber warfare has no rules of engagement as interconnected networks are the battlefield and there are no boundaries. With super connectivity becoming the norm, players can hit enemy assets at will, bring down a country’s infrastructure or even wreck its economy. Connected enterprises are the most obvious targets during any cyber war. So it is important that enterprises review their security strategies to counter new threats.

Threat scenario
Here are a few recent instances of highly organised cyber attacks, some of them perpetrated by nations that targeted enterprises. In 2017, WannaCry ransomware infected 3,00,000 computers in 150 countries. The perpetrators, apparently backed by North Korea, collected billions of dollars in ransom. In the same year there were many other similar instances. Unknown hackers stole data pertaining to 57 million customers of cab aggregator Uber, which paid an unknown sum in ransom. A group called Shadow Brokers stole hacking tools from the US National Security Agency.

Hackers also breached Equifax, one of the largest credit bureaus in the world, and stole the personal data of 145 million people including their social security details. Then there were NotPetya ransomware attacks, allegedly carried out by Russia, which disrupted utilities in Ukraine like power, air traffic and banking infrastructure. The attack also targeted enterprises like Maersk and Merck.

While it is hard to pinpoint how many of these attacks had state sponsorship, there have been earlier instances where states were complicit in launching cyber attacks.

Cyber warfare spends are on the rise
Most countries across the globe are increasingly spending on securing their information assets while also building offensive capabilities that help them target key installations and enterprises in enemy countries.

Going by data available in public domain, the IT and cyber security spends of most leading world powers are increasing. A Bloomberg report reveals that the US Department of Defence is spending $10.2 billion on classified IT till 2023. Its cyberspace activity spending is expected to reach $ 8.9 billion in the same period. UK, meanwhile, has earmarked £1.9 billion to carry out its national cyber security strategy as per a report presented in British parliament.

Denmark, which has been rocked by a spate of cyber crimes in the recent past has allocated $240 million to protect itself from digital threats. The Russian Federation has allocated $250 million to enhance its cyber offensive capabilities. France invested heavily on cyber warfare capabilities in 2014 by dedicating €1 billion to upgrade its cyber defence infrastructure. It is also hiking its cyber security spend in 2018. By 2025 the country is planning to bring on board 3,000 cyber security experts.

While similar statistics are not available for other leading NATO powers, all have extremely detailed cyber security strategies in place. Interoperability and co-ordination among member states to prevent and retaliate against cyber attack is the key highlight of NATO’s strategy.

China is also beefing up its cyber arsenal. A report in the Journal of Defence Studies claims that the Chinese People’s Liberation Army has been setting up information warfare militia units since 2002 and employs thousands of hackers. India recently commissioned a cyber security R&D project with an investment of $148 million. In India the Union government’s IT department has been spending about $18 million per annum on cyber security. All these developments point to an increasingly complicated cyber security scenario and a complex threat landscape shaped by both state and non-state actors.

New and emerging cyber threats
Recently, a well known US security firm unveiled a report that claimed state sponsored Chinese hackers have increased attacks on American companies, trying to steal financial information. This came in the midst of recent developments leading to a trade war between the US and China.

A few months ago the US and UK issued alerts on how Russia had initiated a cyber espionage program whose objective was intellectual property theft. The US also said it might carry out retaliatory cyber attacks on Russia in addition to clamping economic sanctions. Today, countries are also using social media to target users in enemy countries. According to some reports, Russia used Facebook and Twitter to influence public opinion during the last elections in the US. A few months ago the Indian Army issued a warning saying that Chinese hackers were targeting WhatsApp users to steal personal information. Very recently 80 leading researchers at the Oslo and Bergen universities in Norway were targeted by hackers, allegedly from Iran.

The future and how enterprises can stay secure
In the emerging scenario all countries, all enterprises or public utilities that are networked and controlled by computers are vulnerable to cyber attacks. Any state or non-state actor possesses the ability to identify vulnerabilities and launch attacks on another state’s critical assets.

Cyber security solutions help organisations constantly monitor for threats. However, enterprises are mostly able to take remedial measures only after a breach has occurred. Consequently, the perpetrators of cyber attacks are always ahead of technology-enabled enterprises. So in the event of a cyber war the offender will always have an edge over the defender.

To prevent cyber attacks, like Israel did, two years ago when it thwarted a large-scale attack on 120 Israeli companies, would require intelligence. But intelligence doesn’t come easy, particularly when we are talking of attacks that could emanate from anywhere, anytime in a war where there are no rules of engagement. As enterprises and governments embrace new technologies like the Internet of Things (IoT) and other digital technologies, they will only become more vulnerable to cyber wars of the future.

Consequently, here are some steps that enterprises need to take to proactively deter cyber attacks.

    • Cyber security should be a board level initiative. Most large enterprises today have brought the security function under a dedicated Chief Information Security Officer (CISO). While this is a step in a good direction, security should be accorded the highest priority at the board level.
    • Enterprises and various industry bodies that represent them, like NASSCOM, CII and ASSOCHAM, should participate in shaping national cyber security policy so that their information security concerns are adequately addressed.
    • Enterprises/CISOs should build greater connects with their counterparts within their industry verticals and share threat related information from time to time.
    • There should be three-way collaboration between enterprises, government and security solution providers and a mechanism to share information, threat intelligence, and work out ways to counter potential threats.

Cyber wars are a reality moving forward. Given the kind of resources governments are investing in cyber warfare the attacks are bound to increase in sophistication. It’s time enterprises took appropriate steps to protect their information assets.