The beginnings – cyber attacks that wrecked states
As critical infrastructures become more digital, their cyber security vulnerability has increased. When these systems are compromised, it is certainly the general public that suffers the most, regardless of whether the state or the operator was responsible for the security of the particular infrastructure. In some ways, attacks on critical infrastructure can be seen as an attack on countries, which governments can defend against in a number of ways: through incentives or specific regulation to force operators to achieve a higher level of cyber security, or by developing their own capabilities (like malware analysis). To illustrate how real this threat is, here are some examples:
These are the main public examples. We have no idea how many attacks have actually occurred. Some of them may not have come to light or may not have been publicized, this list is probably just the tip of the iceberg. Malware (and malicious cyber activity in general) is a real threat to peace all around the globe, it is not without reason that cyberspace is called the fifth domain of operation.
Defense lines, zigzags and dashes
Operators of critical infrastructures (both state and business organizations) constantly improve their defense mechanisms to protect against cyber attacks:
Despite these efforts, there are still gaps in the defense mechanisms of many states. One of the main challenges is the rapidly evolving and asymmetric nature of cyber threats, which can make it difficult for states to stay ahead of attackers. Additionally, many states may not have sufficient resources or expertise to fully protect against all possible cyber threats.
Another challenge is the growing sophistication of cyber attacks, including the use of advanced techniques in supply chain attacks. These attacks can be difficult to detect and prevent, even with the most robust defense mechanisms in place.
Overall, while states are taking steps to defend against cyber attacks, there is always more that can be done to improve their defenses and address any gaps that may exist. In our experience, states are mostly only prepared for the eventuality of repulsing an attack, but less prepared for what happens in the event of a successful attempt (e.g. they have daily/weekly reports on the malware attacks that might occur on their infrastructures, but they don’t have in-house analysis capabilities if an attack actually happens).
Low-probability things happen often
It is important to have reports on possible attack vectors, do regular updates, use 2FA etc. It is also important to know what to do if something happens despite these efforts. Our Kaibou product does exactly that:
Several things have happened in recent years that we never thought were possible. The pandemic. Brexit. The Russian-Ukrainian war. If only the next once-in-a-lifetime event didn’t catch us unprepared. Developing the cyber defense capabilities of states and supranational organizations is absolutely doable, especially before an incident, but remember that preparation must also address the scenarios that would apply in the case of a successful attack.
Here are a few links to keep you up at night:
Copyright 2023 Ukatemi Technologies Plc.