It's cybersecurity awareness month, and the UK’s central intelligence agency has gone on the record to declare that it now considers protecting the UK from cyberattacks to be as important as stopping terrorist attacks. Digital threats might not have such an obvious impact as those carried out with guns, or trucks, but they do have the potential to wreak havoc.
According to Jeremy Fleming, director of The Government Communications Headquarters (GCHQ), the UK’s investment in GCHQ and the new National Cyber Security Centre (NCSC) is vital for combating the “deeply challenging” problem. Fleming reports that the UK has dealt with around 600 sophisticated attacks in the past year alone. Including, of course, attacks on parliament and the National Health Service.
Fleming says that cybercriminals and state-sponsored entities are alarmingly fast at finding new ways to do harm:
"We see that in the way terrorists are constantly changing their weapons, or states are using their full range of tools to steal secrets, gain influence and attack our economy."
Nato Rings the Alarm
Yesterday, Nato’s assistant secretary general for emerging security challenges, Sorin Ducaru, also gave stern warnings at a conference. He reminded attendees that the dangers of cybercrime are growing.
Ducaru spoke about Nato’s decision to bring cyber-defense strategies into its political decision-making body, the North Atlantic Council. That happened in 2008, following an extensive hack in Estonia the year before. At that time, Nato published its first ever policy on cyber-defense.
In 2011, that policy was updated with added benchmarks and a centralized cyber-response initiative for protecting Nato networks. Ducaru explained that, despite this valuable forward movement, it was only in 2014 that Nato acknowledged that cyberattacks “can reach a threshold that makes them as harmful as conventional attacks.” This realization came during Russia’s illegal annexation of Crimea.
At that time, Nato again updated its policy in order to require member states to come to the aid of nations not only when they had been attacked with conventional weapons, but also with cyberattacks. Since then, Nato has established a cyber-partnership with the EU and the UN, as well as with industry and the academic world, Ducaru told the conference.
Ducaru praised Nato’s evolution and spoke of a closing of the “cognitive gap” between threat actors and the political and strategic entities that must respond. Now, Ducaru says that Nato has a whole range of defense systems, including threat assessment, intrusion prevention, malware detection, and rapid response teams.
Despite this vast improvement in its ability to respond to the threat of cyberattacks, Ducaru said that there was still much work to be done. Just as the UK’s Fleming suggested in his comments, Ducaru explained that cyberattacks are an ever-evolving threat that Nato must seek to stay one step ahead of. Innovation is key and is an area where Nato must strive to “push a little harder.”
Meanwhile, Sean Kanuck, director of the International Institute for Strategic Studies (IISS), has come forward to explain that the world is at a digital crossroad. Kanuch believes that governments around the world must come together to form more coherent approaches to dealing with cyberthreats.
Speaking at the CyberSec European Cybersecurity Forum in Krakow, Kanuch commented that “cyber-operations are increasingly being used to achieve traditional political, economic and criminal ends.”
Kanuch believes that the rise in cyberthreats over the last decade is largely down to nation states' preference for using attacks that don’t escalate into full-blown military retaliation. Cyberattacks can be notoriously hard to pin on any one particular threat actor.
Even when the attacker is known, victims are left “uncertain how to respond or even whether or not to publicly declare who they know perpetrated it against them because a public declaration with a failure to take response action only undermines your own strategic deterrent capability.”
Kanuch also explained that industry is becoming a primary target. He says that the private sector is not only coming under attack but is actually responsible for creating some of the technology that is used against it:
“Those companies are finding themselves becoming the target of nation-state, criminal or ideologically motivated hacking efforts. We have seen Microsoft comment on the exploitation of its software code and even enter the discussion about appropriate norms of behaviour and propose a digital Geneva Convention.”
NSA Secrets Stolen Using Kaspersky
It's not just corporations that need to worry about having tech turned against them. According to recent reports from the US, government agencies have been told to stop using Kaspersky Lab’s antivirus. The reason? A belief that the popular antivirus software may have been compromised and used to steal NSA secrets.
For now, the report is vague, to say the least. Published in the Wall Street Journal, the article is unable to say whether there was any involvement from Kaspersky itself. Despite this, the possibility that a program made to protect systems has been used to steal important data is evidence of the kind of threat that tech can pose.
Kaspersky has come forward to deny involvement:
"As a private company, Kaspersky Lab does not have inappropriate ties to any government, including Russia, and the only conclusion seems to be that Kaspersky Lab is caught in the middle of a geopolitical fight."
Title image credit: Den Rise/Shutterstock.com
Image credits: Jiri Flogel/Shutterstock.com, DeiMosz/Shutterstock.com, Lutsina Tatiana/Shutterstock.com