The militarization of information technologies increases the challenges of cybersecurity
As pressure increases on governments around the world to take decisive legislative action to protect vital networks, data and infrastructure, it is increasingly recognized that despite its vital role, regulation alone cannot meet the challenges posed by criminal and state cyberattacks.
The pressure to act is growing. Among the devastating attacks on public sector IT infrastructure in countries around the world, the now infamous SolarWinds incident arguably did more than any to spur politicians into action. While the governments of the United States and the United Kingdom have blamed the Russian Foreign Intelligence Service (the SVR) for the supply chain attack, the Russian government rebutted the claims in an exchange of Cold War rhetoric.
Additionally, the director of the National Cyber Security Center (NSCS) recently said that criminals based in Russia and its neighbors were behind the most “devastating” ransomware attacks seen in the UK. Indeed, the problems associated with ransomware alone are unprecedented. Earlier this year, a group of more than 60 organizations around the world, including Amazon, Microsoft, the FBI and the UK’s National Crime Agency, formed the Ransomware Task Force (RTF), calling on governments to take action. measures. In issuing recommendations to address the issue, the organization not only described ransomware as a “danger to public health” but also as a “threat to national security”.
In the most high-profile national cybersecurity policy developments, the May Presidential Decree (EO) established the urgent need for change, with particular emphasis on accelerating the pace of investment and modernization needed to improve the country’s cybersecurity. Cooperation between the public and private sectors is seen as essential, with the IB setting a series of deadlines for adopting the policy.
Soon after, U.S. lawmakers introduced a bipartisan bill that will require businesses to report cyber incidents to the government. The underlying goal is that it will allow authorities to “mobilize to protect critical industries across the country”.
Raise the bar
While moves to introduce stricter laws and compliance standards are an important part of a larger process to increase levels of protection, without better technological solutions, sophisticated adversaries of nation states are likely to fail. stay one step ahead. Few would say government-led enforcement is essential, but there are obvious limits to the jurisdiction of any bill drafted at the national level, especially where the illegal activities are state sponsored and by definition. , secret.
These developments also recognize that cyber has joined land, sea and air to become the fourth contemporary battlefield. From a risk / return point of view, it is a theater of operations that offers many advantages. For example, attacks can be carried out with little or no repercussions, but have devastating practical consequences. Attackers do not wage war or commit acts of aggression in the traditional sense of the term, and there are still few examples of attacks resulting in human casualties. However, each incident adds to the underlying tension and suspicion that exists on the international stage.
In practice, the ability of public sector agencies to make improvements depends on considering a range of priorities and risks, such as those presented by infected files and documents. Created and shared by the millions between individuals, teams and organizations, they represent a major attack vector that is constantly exploited.
A big part of the problem is that while most organizations understand the need to fend off malware and file-based ransomware, too many of them still rely on a fully responsive response based on anti-virus technologies and sandboxing systems established to protect their precious files and everything on them.
While this provides some degree of protection, the problem is that almost 70 percent of malware found embedded in files is of an unknown variant when received. Indeed, this malicious content is invisible to reactive cybersecurity technologies, leaving users with a major protection gap and a potentially catastrophic security blind spot. Without more effective strategies, many organizations rely on a flawed combination of ineffective technology and user training to ensure that suspicious files and links are not opened.
As the “weaponry” of information technology intensifies at an alarming rate, organizations must dramatically improve their ability to proactively identify and defend against attacks, regardless of their source and motivation. If you don’t, more organizations will be at even greater risk of disruption and damage, tactically overwhelmed by adversaries who rely on the inherent weaknesses of many computer networks today for their success.
Sam Hutton is Senior Vice President – North America at Glass wall. Sam is proud to offer the perfect partnership (and true collaboration) to organizations across North America. Because with over 20 years of experience selling and providing solutions to the finance, security, defense and commerce industries in this space, Sam knows that even the most advanced technology needs the best team of people to support it.