At a Glance
In the wake of the ongoing cyber warfare between Russia and Ukraine, we are witnessing that attacks are also being carried out in the cyberspace as
complementary strategy in the destruction of adversary digital assets with large-scale implications. The technologies being used to perpetrate the cyber-attacks are highly sophisticated and of military grade. With more business on the internet, new apps, new software, these bring along more types of threats and risks.
In the wake of such events, what is the concern for the rest of the world?
The aim of a cyberwar is to knock down key organisations in specific countries by compromising their digital assets. The techniques used by cyber attackers are very evasive and highly technical to the extent that the onslaught of these cyber-attacks are raising concerns for many other countries. Recently Check Point Research (CPR), a leader in cyber security solutions released data showing a surge of 196% in cyber-attacks against a European country’s government and military infrastructure. Microsoft’s Threat Intelligence Centre also picked up traces of offensive and destructive cyber-attacks against this country’s digital infrastructure.
How often can we encounter cyber-attacks and how far can the cyber warfare be dangerous?
Based on figures produced by threat maps, a staggering of 80 million cyber-attacks are perpetrated on daily basis. These cyber-attacks typically consist
of Denial of Service attacks, exploitation of vulnerabilities, phishing or spread of malware. Digital assets are known to be riddled with weaknesses or software defects and hackers actively look for such defects to compromise them. The intent behind these attacks is to cause harm ultimately. In the case of ransomware, a hacker would attempt to trick people from executing a code that will cause key systems or data to be encrypted, following which he will claim a ransom to decrypt the data. In such cases, hackers are motivated financially.
The implications to the dangers of a cyber-warfare are consequential
This is not a riddle hard to crack. The cyber-warfare only started and new destructive malware such as “HermeticWiper” has already been seen in action. The concern for malware spreading to wreak havoc to other parts of the world is very well founded. Taking the example of WannaCry ransomware, it was estimated to have affected more than 200,000 computers with a global reach of 150 countries worldwide. With lethal cyber weapons being unleashed, the risk of being compromised is real.
The key measures to be adopted by companies to defend against any potential attacks
It is crucial to for both public and private sectors to take certain preventive measures with the current cyber warfare situation prevailing.
1. First of all, it is necessary to assess the risk exposure of internet facing systems. This should include email security, web applications and network devices. We want to be on the forefront to detect and stop the attack at the very beginning.
2. Secondly, it is vital for an organisation to assess the adequacy and effectiveness of its security defenses. Misconfigurations, lack of adequate policies and insufficient capability render certain defenses inadequate and ineffective in providing the expected cyber defense.
3. A good cyber defense strategy also involves monitoring if an attack is in progress and anticipate actions to mitigate its impact before damage can be done. Appropriate incident handling and contingency plans
should also be put in place as part of the organisation’s response and recovery strategies.
4. Exploitation of the human factor is also a reality in certain cyber-attacks such as phishing. Thus the importance to educate users against scams and precautions that need to be taken through continuous awareness.
Understanding the treat and bracing organisations against cyber attacks
With the ever evolving cyber threat landscape, organizations globally are looking for ways to mitigate risks of cyber attacks whose impacts are as far reaching as companies closing down permanently or having to bear
hefty fines for non-compliance.
Rogers Capital Technology through its Cyber Security Advisory arm is positioned to offer a holistic approach for risk mitigation and compliance. Its cyber security experts guide companies all the way from strategy to implementation, strengthening existing capabilities and addressing any crucial gaps in the fast-changing risk environment using innovative approach to security.