Cybersecurity is back in the spotlight as the #1 concern of businesses across the world. This is because, with the COVID-19 pandemic, new scams, technologies and business vulnerabilities are emerging. As an example, the number of domains registered with ‘COVID’ or ‘corona’ has grown tremendously. Interpol said that by last March there were 40,261 newly registered high-risk domains.[i] VMware Carbon Black claims that the pandemic has been connected to a 238% surge in cyberattacks against banks alone[ii] and the World Health Organization has seen a fivefold increase in cyberattacks.[iii] In June, LG Electronics was hit by Maze (ransomware) with the attacker claiming to have downloaded 40GB of Python source code — proprietary information for projects that involved large US-based corporations.[iv] In the same month, cyberattacks brought several Honda plants to a halt.[v] Indiabulls reported a ransomware attack, joining countless other organizations across the world.[vi] Employees of one of our clients woke up one recent Monday morning to find they could not access their core systems. They called our cyber experts who invested 29,000 man-hours to restore normalcy. Frankly, in my 33 years in the technology business, I have not seen the challenge to cybersecurity become worse.
There is chaos in the digital world. Cyber scams, frauds and digital break-ins have become the new growth industry. This is because of rapid changes in work processes, often executed in haste. These have resulted in newer vulnerabilities that not all experts are familiar with. The damage being left behind is just as devastating — and often equally invisible — as COVID-19.
This is largely the result of organizations being forced to move from the safety of their well-defined enterprise perimeters into uncharted territory as the distributed Work From Home (WFH) wave grows, driven by the social distancing requirements of COVID-19. Chances are high that you are reading this sitting at home, multi-tasking, interacting with colleagues on Slack or Flock or working together on Zoom or Webex. Others are remotely logged into customer systems, a service desk in the cloud, the enterprise ERP or an MES system on the factory floor. Each person — and that includes you and me — is the reason that already overstretched cybersecurity professionals are on tenterhooks. They know that the threat surface has increased, the number of integration points has multiplied several-fold, the networks used by remote employees cannot always be relied upon and not all end/edge devices are being monitored.
I am not surprised that McKinsey research (covering over 250 global Chief Information Security Officers and security professionals) concludes that “crisis-inspired security measures will remain top budget priorities in the third and fourth quarters of 2020.”[vii]
It is interesting to see how the minds of cybercriminals may operate. First, and the most obvious, is to look at industries that cannot afford downtime as COVID-19 sweeps the world. These would include healthcare organizations and retailers who would be low-hanging fruit for ransomware attacks. It comes as no surprise that the Brno University Hospital in the Czech Republic that runs the nation’s COVID-19 tests was held to ransom as early as March this year. They have not been the last. Shortly thereafter, the US Department of Health and Human Services (HHS) was the victim of a foiled DDoS attack. Attacks on healthcare organizations such as hospitals, research labs and pharma companies have been rising. It takes little to guess why. Shutting down a healthcare facility today is the same as an act of war, with lives at stake (medical records are also particularly attractive because of the rich personal data they hold and draw a premium in the underground digital black markets). The UK National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) have, after the DDoS attack, issued warnings about cyberattacks launched by rival states against healthcare organizations fighting COVID-19.[viii]
Governments have been notorious for indulging in cyber warfare. Online is the new war front.[ix] Anyone familiar with Stuxnet knows that in 2010 the computer virus targeted the Programmable Logic Controllers (PLCs) in Iran’s nuclear facility and several mutations later found its way into scores of energy-producing facilities. McAfee and many others suspect that Stuxnet was created by the U.S. National Security Agency, the CIA, and Israeli intelligence.[x]
Even more worrying are the new geopolitical alliances taking shape in various parts of the world (some recent areas that show interesting direction include Turkey, North Korea, China, UK, USA, Russia, India, France, Germany, Japan, and Canada). These go beyond conventional military build-ups.
They rebalance trade linkages and trigger proxy conflicts, many of these spilling into the online battlefront in the form of cyberwar, bringing any and all organizations in the line of fire.
We have seen how new vulnerabilities in business processes and systems can determine the new targets of cyberattacks, how demand in the underground black markets shapes cyberattacks and how changing geopolitics determines targets.
One other vector determines how cybercriminals zero in on a victim. This is based on emerging technologies viewed by organizations as providing ways to improve business and gain competitive advantage. These technologies could lack maturity. Take your pick from blockchain, drones, biometrics, Internet of Things (IoT), Augmented Reality (AR), Virtual Reality (VR), Mixed Reality (MR), 5G networks, the convergence of infrastructure and several others…the list is long. Organizations leveraging some of these technologies become obvious targets for hackers. Organizations that have invested in advanced technologies are doing the right thing — but they must also ensure that experts have been consulted to bridge security gaps that result from these technologies.
There will never be a winner in the battle between hackers/dark actors and businesses/governments/institutions/individuals. The scales will tilt, for a while, in favor of one before tilting the other way.
But we know this — the nations doing the hard sweating in research labs and on the field, attempting to push back cyberattacks, will be in demand when it comes to protecting networks, applications, databases and devices. I will leave you to think about this: The top three nations that filed cybersecurity related patents between 2016 and 2018 were China (1,415 patents), the US (492 patents) and India (72 patents).[xi] We know where the next Cyber Superheroes will come from. Keep a lookout for them.
Founder, Chairman and Managing Director, Microland Ltd