Reshaping the Cybersecurity Landscape
Russia’s invasion of Ukraine has reshaped the geopolitics of Europe and the US, not least in terms of strengthening and recalibrating existing alliances. It has also highlighted the need to step up protection against cyber-attacks.
In addition to the rapid implementation of sanctions by the European Union, the Biden Administration and the United Kingdom, the parallel announcements that both Sweden and Finland were applying to join NATO marked an important move away from their previous positions of – perhaps nominal – neutrality.
Stockholm and Helsinki made their decisions in the full awareness that while NATO membership would ultimately enhance their security and send a strong message to Moscow, there were also some very real associated risks. No one was expecting a military response from Russia but an increase in cyber-attacks was seen as extremely likely.
This was publicly acknowledged in April 2022, at a joint press conference attended by security chiefs from Sweden, Finland and Norway. Assessing the threat, Antti Peltari, the Head of Finland’s intelligence service warned that Russia was likely to use cyber warfare as a substitute for more conventional forms of espionage. “Russia’s possibilities for human intelligence operations are currently limited because the willingness of Finns to cooperate with Russian diplomats is at a low level,” he said, just a few weeks later the Wall Street Journal reported that Finland and Sweden had raised their alert levels.
Lessons of History
Now, it must be said that fears of an upsurge of cyber-attacks have not yet been realised but that should not lead anyone to the conclusion that the concerns of politicians and security chiefs were unjustified. Witness the experience of Estonia, Latvia and Lithuania, the Baltic States. All former Soviet republics, they have at times been subject to significant cyber assaults and have, in consequence, strengthened their digital defences. For instance, back in 2007, when Estonia removed a Soviet-era statue, the country found itself coping with a wave of malicious online activity, including an attack on government websites. It strengthened its defences accordingly and is not something of a model for delivering secure digital services.
But no country is completely secure, not least because cyber warfare takes many forms. Attacks may be carried out by state agencies and target the control systems of critical sectors such as energy or healthcare in a bid to spread alarm or chaos. Arguably more insidious are the attacks that appear to be criminal in their nature, such as the theft of data or malware infections linked to ransom demands. These may be carried out – and often are – by criminal gangs – but some could be state-affiliated. And then, of course, there is misinformation spread by (again, state-affiliated) individuals, hacker groups and troll forms. The latter do not directly affect infrastructure or operations, but they can destabilise democracies.
Against this backdrop, what we’ve seen over the last few months is public officials in Sweden and Finland putting a much greater emphasis on the need for individuals, officials and business leaders to be aware of the threat and act accordingly. For instance, in Sweden municipal leaders have stepped up inquiries about cyber protection.
A Rising Tide of Cybercrime
If you step back to look at the bigger picture, the incidence of cybercrime has risen 600 per cent since the onset of the Covid pandemic and when an organisation falls victim, the costs can be huge. For instance, the average cost of a malware attack is $2.5 million.
In that respect, the necessity to step up defences against cybercrime orchestrated by a hostile state may have a beneficial long-term effect in terms of enhanced protection against a broad array of malicious actors.
The question is, of course, what can be done in the shorter term?
Well, most sizeable organisations are well aware of the threat posed by cybercrime and have implemented solutions accordingly, including e ducating staff on the dangers of responding to phishing attacks or downloading malware. But it’s a moving target. Both cyber criminals and hostile states are constantly honing their capabilities and deploying technologies such as Machine Learning and AI. Even fairly low-tech weapons such as phishing emails or disinformation campaigns have become more sophisticated.
In addition, public and private organisations need to be aware of a growing threat to digital control systems that can threaten critical infrastructure such as pipelines.
The ability to respond is key to the prevention and mitigation of attacks. For instance, Verizon has introduced a range of solutions that include an operations centre to track potential threats coupled with sophisticated events management processes. They also provide a response team to work in tandem with in-house teams.
As the threat from cyber-attacks grows, the response needs to be proactive and effective if critical operations and infrastructure are to be protected.