Cyber threats need a holistic, 360-degree security approach covering all aspects of external and internal intelligence, web intelligence, human intelligence, open source intelligence, signal intelligence, supply chain security and social media.
A cyber threat is a type of offensive maneuver that results in an unforeseen disruption of a computer network or system. This disruption could end up damaging these networks. A cyberattack is the one that is orchestrated by malicious players including nation-states, individuals, groups or organizations that targets computer information systems.
One of the most potent cyberattacks took place in May 2017 that paralyzed hundreds of thousands of systems across the world. The WannaCry ransomware crypto worm, targeted computers that were running on Microsoft Windows operating system. It encrypted data in the systems and demanded ransom payments in Bitcoins.
In one day, it infected over 2,30,000 computers and the attack spread over 150 countries. Many institutions across the world like UK’s National Health Service (NHS), FedEx, Deutsche Bahn and Spain’s Telefonica were hit.
In the recent years a number of cyber attacks on individual organizations like Sony Pictures has been traced back to malicious players in nations like North Korea. In 2016, Russia was accused of running a disinformation campaign against US Presidential candidate, Hillary Clinton. The emails of the Democratic National Party were also hacked and released by Wikileaks. The personal mails of French President Emmanuel Marcon (before the election) were also hacked and released.
Michael Chertoff, Former Secretary, US Homeland Security, Max Smeets, Cybersecurity Fellow, Stanford University Center for International Security & Cooperation, Dr. Vivek Lall, Chief Executive, US & International Strategic Development, General Atomics were at hand to provide expert analysis on ‘Cybersecurity- A 360° Perspective’ at the Synergia Conclave.
Chertoff said that the two important questions that needs to be asked are - what are the kinds of damage we are trying to protect ourselves from and what are the pathways that could be the attack vectors? He stated that the issue of trust was not part of the process when the internet was initially being developed as it wasn’t meant to be commercial in nature. He also noted that the internet has made it possible to scale up illegal activities. He noted, “It’s now possible to rob not just one bank but several.” He spoke about the importance of a resilient form of cyber defense. He said that organizations should recognize assets that are mission critical and place them in a different “compartment” for monitoring.
Max Smeets said that cyber infrastructure (including actors, malware, operations etc) is highly confusing even for those who research and work in the field. He said that many cyber threats within the cyber hotchpotch go by different names thus making it complicated for people. It is also due to the nature of activity that is witnessed.
Dr. Vivek Lall spoke about the challenges inherent within digitization and why they continue to persist. He said, “While threats from cyber attacks to commercial establishments are mostly handled by legal means, threats to national information and technology networks are considered direct attacks on national security.” He said any nation committed cyber security should be required to come up with strong governance initiatives and solid investments from private industry. A strong correlation between public sector and private sector was imperative to put together a successful cyber security program that works.
Our assessment is that, the recent ransom ware attack was a clear signaling, as it was very broad based. It had attacked banks, oil companies, airports, construction companies, etc. It is very critical that we focus on the intent and try to understand what it really means. As we have written before, cyber threats go way beyond networks and hence any threat mitigation strategy must also look at attack vectors outside networks.