Cybersecurity has become a top priority for governments, businesses and critical infrastructure operators, especially since the start of Russia’s invasion of Ukraine which has been marked by sophisticated cyber attacks.
Cyberattacks on governmental websites were seen more recently in Taiwan when it experienced intermittent outages just before US House Speaker Nancy Pelosi arrived in the country earlier this month amid sharp warnings from China before the visit.
Up to 11 convenience stores in Taiwan were also attacked with the television screens behind cashiers abruptly displaying the words: "Warmonger Pelosi, get out of Taiwan!"
But cyberattacks do not just target state websites, they also hit critical infrastructure and even healthcare providers as well as small businesses.
IT teams are facing an uphill battle as spending on cybersecurity and the development of technology has ramped up considerably in the last decade but cyber tech has not stopped breaches from occurring. The question then arises as to why this delta exists between sophisticated technology amid a rise of cyberattacks.
“As we think about the future and where the world is actually moving, it is less from the standpoint of investment and more towards a position of effectiveness and outcome,” said Jonathan Reiber, a cybersecurity expert and former chief strategy officer for cyber policy, US secretary for defence, during the former president Barack Obama’s administration.
Reiber, who is now Vice President of Cybersecurity and Policy at the security platform AttackIQ, told Euronews Next there are several reasons why cybersecurity has become such a big topic.
Russia exploits grey space
The first is due to Russia’s increased cyber attacks on Ukraine and other countries, which have been ongoing for several years and are called “grey space operations”.
These are conducted outside of declared hostilities and are usually ransomware attacks, which deny the user access to the files on their computer and encrypt them and demand a ransom payment for their return.
“We saw a significant increase in cyberattacks in the last three years, particularly as we were putting sanctions and pressure on Russia. Russia is exploiting the grey space,” said Reiber, warning that companies and governments should prepare especially for that.
Another reason for the growing number of cyberattacks, said Reiber, is because there has been a massive increase in the commodification of ransomware as a service, meaning it is a lot easier for criminals to conduct ransomware attacks that are more highly effective.
So how can governments and companies protect themselves?
With regards to governments, Reiber advises them to prepare for contingencies with countries that could conduct a significant attack against their infrastructure.
“Russia and China are the top two from a US standpoint,” said Reiber.
As for Europe, he said it “needs to think about Russia conducting those kinds of operations,” adding that Russian president Vladimir Putin may conduct offensive cyberspace operations when he faces no other options in Ukraine.
“If he's ever on his back foot and he's really losing and he doesn't have any more to do, we might anticipate him conducting more attacks against Europe and the United States,” Reiber said.
Reiber said he worried “a little bit” about Finland and Sweden since they announced their intentions to join NATO in May, because before the war they were not as concerned about what Russia could do and so their cyber defences may not as been as strong as they are now since investment in cyber defence increased.
How to prepare against cyberattacks
Reiber said to build a strong cyber defence, you should not focus on the technology but start with “a certain kind of mindset, you have to assume that you're going to be breached in cyberspace”.
The next step is to then secure the most essential data and then have the right team to help build a cyber defence system and strategy.
After that, he said you must rigorously and constantly test your cybersecurity software to ensure it works.
“The analogy I like to use is like if you build the best navy in the world and you let it sit in port and you never took it out over a year how would you expect it to perform? That's essentially the state of cybersecurity,” he said.
However, it is not just governments that need to be aware of cyber security risks; infrastructure businesses and especially the health sector should also be aware.
“We've seen in the last few years ransomware groups based out of Russia targeting hospitals, targeting civil infrastructure, municipalities,” he said.
“In China, groups are trying to steal intellectual property from medical and research institutions some even tried to steal vaccine data during the COVID-19 pandemic,” he added.
Two Chinese hackers were indicted by the US at the beginning of the pandemic in 2020 on suspicion of trying to steal COVID-19 vaccine research, accusations China branded at the time as “groundless claims”.
The healthcare sector is an early target for hackers, said Reiber, adding they need to ramp up their cyber defences “quite significantly”.
He warned the main problem is the lack of investment in the payment systems but more so because health services cannot afford to have their services down for long so they can serve patients and so will pay ransoms.
To avert that situation, Reiber said the key is to invest in your cyber team, prepare the technologies, develop a strategy and test it yourself.
If all that is done, he believes a company can “improve its cyber defence posture” within three to six months.