Recent events suggest that cyber warfare has evolved from a distant sci-fi prediction to a real and present danger. Foreign election tampering may be stealing headlines now, but the 2017 NotPetya ransomware outbreak is a stark reminder of just how effective cyber warfare can be.
Launched by suspected Russian state-sponsored hackers, NotPetya was targeted at Ukraine. Posing as a typical ransomware infection, the attack managed to take several critical government bodies – including the radiation monitoring systems at Chernobyl nuclear power station – offline.

The collateral damage was significant. Businesses and banks were caught in the fallout, bringing much of the Ukrainian economy to a halt for several days.

The beauty of cyber warfare is that smaller nations are able to compete against global superpowers. The “Syrian Electronic Army” has successfully attacked targets within the US, for instance. The threat of cyber warfare is very real – and your business could be caught in the crossfire.

Cyber warfare affects cyber crime

Cyber warfare techniques are often co-opted by criminals too. Hacktivists – ideologically driven hackers – will use cyber warfare tools like distributed denial of service (DDoS) attacks to cripple businesses that do not conform to their beliefs, for instance.

The budget and overall means for developing security exploits at the disposal of hackers active in cyber warfare are huge, attracting the brightest security talent. This means that these very sophisticated weapons are also extremely likely to be used to target commercial companies with a different ultimate goal: making money. These business-focused attacks typically take one of two forms:

  • Ransom demands using DDoS or ransomware to restrict/prevent access to key data and systems
  • Theft of valuables that hold value (cryptocoins, payment cards) or that can be sold for a price (personal data, trade secrets, engineering projects, pharmaceutical studies, etc.).

Cyber criminals have also managed to come into possession of the cyber warfare tools used by nation states. Many of the malware attacks that followed NotPetya were built on the same EternalBlue exploit that was originally developed by the US Department of Defence for cyber warfare purposes.

Cyber criminals now have access to a huge array of sophisticated tools and weapons that can be launched against public or private infrastructure. In many cases cyber criminals are more advanced than the governments they attack.

These criminals may not be employed by a government, but they can wield similar disruptive power that could negatively impact your business.

1. Apply established security frameworks

Frameworks like PCI-DSS have been created to help your business understand and apply best practice security principles. Achieving and maintaining compliance with these frameworks will be a significant step towards protecting your business (and customers) from cyber attacks.

These frameworks help you build a layered security infrastructure to remove any potential single point of failure. This layered approach is like a museum; you have guards patrolling the perimeter, security cameras monitoring the inside of the building, and sensors installed on each art piece.

Even if one of the underlying infrastructure services is disrupted, the actual asset is still a few security controls away from being exposed. In the museum scenario, if one of the sensors is compromised, the thieves must still get past the cameras and the guards, dramatically reducing their chances of success.

2. Build resilient infrastructure

As mentioned above, theft of valuables is typically the primary focus of cyber criminals and the number one risk exposure for commercial companies.

To counter this, you need to design resilience and redundancy into the infrastructure layer of your business. However, the level of investment required to build a system capable of withstanding a state-sponsored attack is beyond the budget of most businesses.

Instead, your business should take advantage of platforms that have resilience built in as standard. Cloud platforms, for instance, are built on a globally distributed network of data centres, helping to reduce or negate the effects of a cyber attack, as data loads can be transferred between cloud data centres seamlessly.

These cloud data centres are also being constantly updated by the service provider to better protect their customers’ data; security is outsourced to the provider, helping to reduce operating costs and avoid the security skills shortage currently affecting the IT industry.

Assuming that your business is unlikely to fall victim to a cyber warfare attack is just a false sense of security. Robert S. Mueller, III, Director of the FBI, once remarked, “There are only two types of companies: those that have been hacked and those that will be hacked.” This quote is already out of date, however; now it should be “There are only two types of companies: those that have been hacked and those that don’t know they have been hacked.” In today’s world there is really no justification for avoiding investment in cyber security and resilience. There is always a risk that cyber criminals could leverage their knowledge for profit; it’s their “job”.

3. Secure access to cyber security skills

Cyber security skills are increasingly important to all your IT operations. If your business cannot hire suitably skilled employees, you will need to partner with a supplier who can.

Like IT security, cyber warfare is a constantly evolving field – and you need access to professionals who can adapt just as quickly. Otherwise the safeguards you implement now will not keep pace with new developments, leaving your payment systems at risk in future.

Remember that cyber criminals are often ahead of the bodies responsible for national defence – and your security strategy will need to accommodate this disparity.

Seek help now

The reality is that the threat of cyber warfare has never been more acute. Your business needs to act now or face significant problems at some point in the foreseeable future. Preparing for cyber warfare is a key aspect in protecting your business against criminals too – because your business is more likely to suffer a cyber security breach at the hands of criminals than a foreign nation state.

For more help and advice about securing your business against cyber attacks, please contact us.

Written by Marco Borza

I am the Founder of Advantio.
Technology has been my passion since I was a kid; when I first heard the handshake of an old 300bps modem I realised security would be key in an interconnected world. Since then it has become my passion and primary focus.
The reason why I've started my own business is to make IT Security simple.

Certifications: CISSP / CCSA (Checkpoint) / ITIL Foundations / ACSA (ArcSight) / Linux+ / PCI-QSA / PA-QSA