22 September 2021

When Cyber War Becomes War

Emil Sayegh

As the spectacle of the disorderly U.S. withdrawal from Afghanistan nauseates most Americans, the idea that the U.S. is involved in another potential war caught the attention of many as President Biden shared a warning about cyberattacks leading to a “real shooting war” in a recent speech at the Office for the Director of National Intelligence. The remarks illustrate the significance of the ongoing cyberattacks that have been specifically linked to sources out of China, Russia, Iran, and groups associated with ISIS. The remarks further highlight those threats against the country and infrastructure are on an exponential rise and the nation now considers a tangible military response to a cyber attack as a potential and appropriate course of action. Organizations are now thrust at the front lines of this international confrontation, and it is up to organizations themselves to prepare not only to protect themselves, but also show up with a patriotic mentality of protection for the sake of the nation.

Along the Modern Battle Trail

In the last several months alone, the impact of targeted cyberattacks resulted in critical gut punches to the nation. SolarWinds, the meat processing giant JBS, and the software platform known as Kaseya are examples of companies that faced attacks that compromised and crippled critical services such as fuel and food in parts of the United States. The Colonial Pipeline hack shut down the eastern seaboard for about a week, while the JBS meatpacking plant hack shut down a key ingredient of our food supply. These attacks could have simply been disastrous had they lasted longer, or been more distributed across the U.S. The threat of cyberattacks has been a looming presence in computing for longer than most people are willing to admit. What many failed to realize, however, is that despite significant efforts to secure and protect their organizations, this cyber battlefield has accelerated on several technical fronts. What has happened in the last several months should not shock anybody as many experts have been warning about this for years. Many factors have driven us to this point including:

● Poor architectures

● Poor awareness of risks

● Legacy IT systems

● Security gaps

● Software supply chain vulnerabilities

● Cheaper, more available means of cyberattack

● State-sponsorship of cybercrime

The list goes on. And as the world sheltered during the COVID-19 crisis a year ago, criminal cyber-plotting hit an entirely new level. For years, cybercriminals have stepped up their efforts against hospitals, city governments, law enforcement, and beyond but ransomware is in the news every day now, and the stakes are higher than ever. Even the ransom amounts speak to how devastating these attacks can be. Just a decade ago, ransomware demands were a few hundred bucks and the sort of blight that affected individual users, not organizations or entire countries. The attacks against critical services have now hit another level with reported ransom amounts of close to $70 million.

Modern War is Cyber War

The situation is tantamount to a prelude to a war, and it is difficult to envision a real life “shooting war” without a cyberattack that precedes it or accompanies it. Just like armed forces have multiple branches such as an Air Force and a Navy, cyber operations are now part of the mix of any war. We have witnessed deliberate proof of concept operations in these recent attacks against our infrastructure, and this could be an alpha wave of what’s to come.

What we are facing are well-organized criminals with ties to foreign intelligence agencies, with massive leverage, time, and deep technical knowledge. The scenario of cyberattacks escalating to actual warfare is highly likely as cyber weapons are now viable tools of war that cripple a nation’s power supply, power grid, and food supplies without a single bullet being fired. Lives and livelihoods are the eventual casualty of future cyberattacks. Would a sustained attack on the IRS or a complete outage of the banking system or a shutdown of the stock exchanges be enough to prompt a conventional or even a nuclear war? Where is the line drawn and where does the leap happen?

Those are questions we should probably all agree on because of the ramifications of loss that go along with these decisions. As a community, we must maintain extreme diligence (and even some paranoia) in what we protect and value. At this point in history, we must stand up as our patriotic duty and protect our own environments as individuals and within our organizations.

Packets Can Cause Bullets

None of us want to be the weak link in our efforts to suppress the rampant and vicious cybercrime. These sorts of cyber threats have always been around, and they always will be. It is up to the organizations themselves to accept responsibilities of their actions, of targeted spending and of building out well-advised operations. It is more critical than ever to readily identify threats, to secure resources wherever they may exist, to protect data when it is delivered to partners and customers, to be prepared to safely recover when things go wrong and to assure operations remain intact under any challenge. Let’s do our part, as a cyberwar can become a shooting war, and a shooting war almost never ends well.

No comments: