Nation-state attacks are hard to spot. It’s time for a new approach to threat detection
Tag Archive for: hard
NATO, with Russian hackers in mind, takes hard look at cyber strategy
The core concept behind NATO is a simple one: attack one member of the bloc, and all will respond. But while that logic worked during the Cold War, does it make sense to rely exclusively on it in cyberspace?
Western strategists are increasingly saying no. Last year, the alliance quietly announced that a series of lower-level cyberattacks could, cumulatively, be a tripwire for the pact’s mutual self-defense. The move marked a sea change in NATO cyber strategy, and sparked questions about how best to bolster NATO cyber defenses – and if offense, of a sort, might be part of the solution, too.
Why We Wrote This
NATO has based its security policy on deterrence, via a mutual defense pact among members. But its strategists are rethinking that approach when it comes to the digital battlefield.
In crafting NATO’s new cyber strategy, senior security and intelligence officials for the alliance say they were informed by a series of “increasingly destructive” cyberattacks by Russian and Chinese actors over the last few years.
What the incursions had in common was that, though damaging, they fell below the threshold of armed attack. It was increasingly evident, too, that the alliance needed to be more “proactive” in cyberspace, said NATO Assistant Secretary-General David van Weel.
That could mean using “hunt forward” teams of hackers like those the United States has, who defang threats before they have a chance to cause damage.
Brussels
Article 5 is the linchpin of the NATO pact, putting adversaries on notice that an attack against one is an attack against all. Founded on the Cold War logic of deterrence, the idea is that no aggressor will strike for fear of certain retaliation from combined NATO forces.
But with modern warfare expanding to virtual battlefields, NATO strategists are overhauling their cyber tactics. That means rethinking the concept of deterrence, as well as what constitutes a cyberattack that triggers Article 5: a crucial issue amid tensions between Russia and NATO-supported (though nonmember) Ukraine.
Since 2019 it has been clear that a large-scale cyberattack on a member could trigger Article 5. But…
Hard Numbers: Global vaccine good news, rampant ransomware, 5G growing fast, Spanish wind power
58.1: As of December 17, 56.6 percent of the global population has received at least one COVID vaccine shot. We sometimes don’t realize how big of an achievement this is from just a year ago, when frontline health workers were the first to get jabs.
11: A ransomware attack occurred every 11 seconds in 2021, according to one estimate. Earlier this year, hackers carried out their most famous attack to date against Colonial Pipeline, which supplies almost half of the oil and gas consumed in the US Eastern Seaboard.
540 million: Global 5G connections are expected to reach 540 million by the end of the year, according to a new report. That’s more than double the amount in all of 2020.
23.1: Wind became Spain’s top energy source this year, overtaking nuclear for the first time. Half of the country’s energy now comes from renewable sources, which the government hopes will help bring down sky-high power prices in 2021.
Software development companies hit hard by cyber crime
Research carried out by cyber crime experts FoxTech has revealed that among the worst industries at risk of cybersecurity breaches are computer software development companies.
These companies had an average cyber risk score of 166, followed by publishing (152), research (115), transportation, trucking and railroad (111), and civil engineering (102).
The cyber risk score, which is calculated using publicly available information and an analysis of a wide range of cyber security indicators, is an immediate indicator of how high or low the risk of a potential cybersecurity breach is for a company, according to FoxTech.
Companies with scores of 75 or more are at extreme risk of cyber attack, while those below 25 are considered to be low risk.
Anthony Green, CTO and cyber crime expert at FoxTech, explains, “We audited hundreds of companies across a wide range of sectors and found that while industries such as banking (cyber risk score 6) and performing arts (cyber risk score 5) are at very low risk of a potential attack, other industries fell woefully short when it came to ensuring their cyber protection was up to scratch.”
However, the issue is not that companies do not care about cybersecurity, but that they are unaware that their IT infrastructure is not robust enough to stave off an attack, Green says.
He says, “In many cases, companies will be entirely unaware that the antivirus or endpoint protection software they have invested in simply isn’t robust or far-reaching enough to prevent a cyber attack from occurring.
“Alternatively, companies might be under the misapprehension that they are safe from attack because they have invested in cloud-based services.
“Sometimes, a company can be exposed by something as simple as poorly managed user accounts, software that is out of date or inadvertently leaving their database visible to the internet and therefore exposed to hackers.”
On average, hackers will spend 207 days between breaching a company’s IT security and exploiting it. Green says this shows that it’s a gradual process rather than something that happens overnight.
He says, “The fact that hackers are going undetected for more than half a year tells us…