Cyberattacks have become even more sophisticated and harder to spot during the pandemic, especially given the accelerated shift to digitalization and remote work. The escalation of threats and threat vectors has been enabled by the emergence of smarter yet more vulnerable technologies such as artificial intelligence, big data, machine learning, and 5G. Greater tactical and strategic cooperation among hacker groups and state actors has also weakened cyber defenses worldwide. Their impact on U.S. business, economic, and national security cannot be overstated. Last year alone, for example, the annualized cost of cybercrime worldwide was an estimated $6 trillion. If measured by a country’s GDP, cybercrime would be the world’s third-largest economy after the U.S. and China.
Today there are 14.4 billion devices interconnecting our world through the Internet of Things (IoT) and their smart sensors. The trillions of lines of software code and added functionality that keep these sensors humming strive to match the remarkable growth of digitalization and the intangible economy (e.g., intellectual property and state secrets). Taken together, what could possibly go wrong when massive connectivity of digital data and mobile devices spans global operations and their supply chains? Well, as it turns out, a whole lot, especially considering that the increasingly sophisticated data contained in online devices are brightly painted targets susceptible to a myriad of network intrusions. It does not bode well that it now takes nearly three hundred days for a victim to spot malware or other viral breaches jumping over their firewalls.
Cyberattacks have become even more pervasive and harder to spot during the pandemic with the accelerated shift to digitalization and remote work. The escalation of threats and threat vectors has been enabled by the emergence of faster supercomputers and smarter technologies such as cloud computing, artificial intelligence, big data, machine learning, and 5G. Although these technologies were designed to protect us from smash and grabs, greater tactical and strategic cooperation among hacker groups and state actors has weakened cyber defenses worldwide. More astonishing are the levels of deception they employ to crack open networked systems. According to The Kiplinger Letter, hacking is much cheaper today thanks to ransomware kits selling for less than $100.00 on the dark web, and an attacker for hire costs $250.
The impact of stolen data on U.S. economic, political, and national security cannot be overstated. Last year alone, for example, the annualized cost of cybercrime worldwide was an estimated $6 trillion. If measured by a country’s GDP, cybercrime would be the world’s third-largest economy after the U.S. and China. In “If It’s Smart, It’s Vulnerable,” Finnish author and computer security expert Mikko Hypponen explains the role organizations can play in protecting trade secrets and other critical data from being poached by hackers targeting business and industry, government, and academic institutions (more on this later). According to Hypponen, “cyberweapons are effective, affordable, and deniable,” especially when using false flag operations that allow state-sponsored actors to redirect and camouflage the source of their attacks.
Indeed, the internet is a marketplace that brazenly hawks stolen trade secrets to companies interested in gaining an edge on their competitors. For example, Industrial Spy’s suite of products includes ill-gotten gains and sensitive data that they market and monetize to legitimate businesses. Incidentally, if you see an online ad for this company, do not click on it, as it may well be a Trojan horse. Protecting your perimeter from external breaches is one thing. However, like shoplifting from a brick-and-mortar store, much of the data stolen today is taken from within an enterprise or by a ‘trusted’ supply chain partner. Whether the threat is phishing, ransomware, or malware, developing strategies to mitigate these risks is critical to our nation’s global competitiveness. Threat intelligence software will get you only so far because it is reactive and unable to instantaneously patch the daily siege of incoming threats.
Cyber resilience is key to anticipating, withstanding, and recovering from an attack. A proactive approach includes the often-ignored but tried-and-true nature of social engineering. This is the kryptonite that hackers count on. The Kiplinger Letter states that staff training and awareness of potential threats are the first step companies must take to prevent data breaches. Rather than one-and-done, cyber training must be held on a continual basis to reinforce the importance of cyber hygiene and update staff on the latest threats. Companies need to continually update and patch their antivirus software and operating systems, filter emails, and automatically back up their data. Encrypting data and storing it offline is another measure for shielding virtual private networks, email, and other software applications. Multifactor authentication affords additional protection. Vet your IT vendors and consider cyber insurance. Other risk mitigation strategies include having a plan in place in the event of an attack. These are simple steps companies can take to reduce their heat signature from the daily barrage of incoming threats. At the very least, they will compel the hacker to move on and jiggle someone else’s door.
We can never assume that confidential information crucial to a company’s survival is protected at every level, even if organizations think that they are off the grid. They can only be as strong as the weakest link in the cyber defenses implemented by their supply chain partners and customers. In addition, industrial automation systems that use computers to control facilities (e.g., factories and power plants) are part of IT systems aided by programmable logic controllers (PLC) and supervisory control and data acquisition systems (SCADA). PLC devices and SCADA applications often contain bugs that fatally disrupt operations, shutting down production or, worse yet, releasing toxic elements into the atmosphere. Traditional manufacturers attempt to resolve these issues by connecting smart devices to dumb machines. Although many companies take a deliberate and thoughtful hybrid approach to implementing Industry 4.0 technologies and processes within their operations, seamlessly transitioning from analog to digital manufacturing opens a host of challenges related to corporate espionage and cybersecurity.
Enter organizations like Israel-based NSO Group, world-renowned for their Pegasus spyware designed to crack encrypted communications and detect zero-day threats of any iPhone or Android smartphone. The company has solved many issues plaguing law-enforcement and intelligence services worldwide. Their technology can decrypt encrypted communications while in the embryonic stage that is trying to scoop up terabytes of confidential information smart devices generate every day. Theoretically, the cyberweapon can prevent digital meltdowns of critical infrastructure, malware intrusions, plundering of trade secrets, drug trafficking, and terrorist attacks. Conversely, it can be deployed to prop up autocracies with questionable human rights records and everyday hackers salivating at the chance to use Pegasus for nefarious purposes. Depending on which team you play for, another drawback is that Pegasus’ software can be embedded with deeper spyware that can burrow into the internal systems of NSO’s ‘clients.’
Barring an electromagnetic weapon or a quantum computer apocalypse that breaks public-key encryption and disarms cyber defenses, it bears repeating that the intangible economy requires a preemptive approach to protecting intellectual property, military secrets, and other data that can be used to undermine our global security framework. While there is not a Swiss Army knife approach to safeguarding data, security experts around the world are attempting to create new algorithms that can withstand attacks and potentially defeat blockchain technologies. State and non-state actors are currently hoarding sensitive data that cannot be deciphered today but can be decrypted in the future with the advent of quantum computing. Imagine a world in which algorithms can potentially unlock confidential information from the past retained by business and industry, academia, R&D facilities, and intelligence agencies worldwide. Historically speaking, what a story that would tell.