The past few months have been a significant wake up call for the cybersecurity industry, as well as a clear illustration of the impact and power of cyberterrorism and cyberwarfare around the world. Due to ransomware programs and viruses like WannaCry and Petya, or secret government sponsored hacking tools that have yet to be discovered, the global infrastructure is vulnerable and, unfortunately, there’s no end in sight. In the cases of WannaCry and Petya, these attacks relied on a known, published vulnerability, which gave users time to apply the appropriate patches and security updates. For those that followed appropriate protocol, many were able to avoid becoming victims of either of these attacks. However, in most cases, cyberattacks find and exploit unknown vulnerabilities, which results in far more individuals and organizations becoming victims.
As more devices and services come online, the risks are magnified. The internet offers access to global information in a way that we’ve never seen before. Gone are the days of Encyclopedia Britannica, libraries and hard copies; they’ve been replaced with search engines, Wikipedia, and social media for up-to-date information. The convenience of the internet has also found its way into the enterprise space. Gone are the days of MPLS, VPN dial-up, and private lines; they’ve been replaced with the global network – aka the internet – which businesses have embraced due to faster speeds, instant access, and lower costs.
Incidentally, as more business and services move to the internet the less secure we become. When some services, like Amazon or Netflix, are unavailable it’s nothing more than inconvenience, however not being able to access critical services like banking, health information, or and infrastructure is far more than just an inconvenience. Globally, the critical services and infrastructure (such as power, water, transit, and communications) of cities are becoming automated and connected. While these connections allow for better management of the municipalities and their resources, they also make them vulnerable and targets.
Over the past few months we have seen a significant amount of cybercrime/attacks through ransomware and other malware or exploits. When you take a deeper look, you start to see a pattern of behavior which includes:
· Attacks on a larger scale, meaning more end-points being infected
· Globalization within hours as opposed to days
· Larger Internet outages, such as the east coast in October 2016
· Hostile countries such as Russian, North Korea, and China being identified as state sponsors of cyber attacks
It’s a only a matter of time until a large scale attack brings down a city’s power grid, or worse. You can expect to see more attacks over the next year from countries like North Korea and China.
What can be done? Companies like Microsoft are calling for a global digital convention (http://bit.ly/2vqWov9) to globally combat cyberattacks and set policies for rules of engagement, such as not attacking civilians during times of war. Unfortunately, this thinking is naïve. We’re not talking about dropping bombs or shooting bullets, more damage can be done within minutes from keyboard 6,400 miles away from its target. When thinking about cyberwarfare what are the targets? Services such as power, communications, and transit. An attack on any of these services would be a direct attack on civilians. Better technology, more security, and less connectivity is what will, ultimately, be effective in reducing cyberattacks.