According to Cloud security company Guardicore, we have entered an age where cyberattacks could truly have devastating consequences, not only for the survival of businesses, but also for the safety and lives of people.
The situation is becoming more worrying with each passing day- so much so that recently Interpol had issued warning to the law enforcement agencies in its 194 member countries alerting them of the threat that organized crime networks pose to the distribution of COVID-19 vaccines.
Interpol’s chief Juergen Stock warned against the hike in crimes including thefts, warehouse break-ins and even attack vaccine shipments. “The vaccine is liquid gold for 2021,” he said.
Dave Klein, Senior Director of Technical Evangelism for Guardicore, says, “Over the past decade, we have seen just how destructive cyberattacks have become.”
In the past, ransomware-focused criminal organizations would avoid targets where human lives would be at risk. But now, even hospitals are seen as acceptable. In September 2020, a ransomware attack on the German Düsseldorf University Clinic led to a death of a patient. This attack was the handiwork of the Russian cybercriminals
The same criminal gang was also responsible for attacking and taking down all 250 facilities of US based UHS healthcare.
Nation-state actors have targeted critical infrastructure aiming to injure or even kill the citizens of the target countries.
Dave Klein says that nation-state actors have become brazen in their attacks, and we see evidence of this in the use of many different methods to carry out attacks that have even resulted in fatalities.
“If we were once under the impression that investing in cybersecurity was strictly a decision based on the risk of data and financial loss, it’s time to reevaluate,” he said.
From April to July 2020, Israel’s water supply was threatened three times by nation-state hackers. Industrial controls of Israeli water processing facilities came under attack in an attempt to alter the injection of treatment chemicals to unsafe levels. The attack was so disconcerting that a cyber counterattack was levied against Iran (allegedly initiated by Israel) that disrupted port traffic at the ShahidRajaee port.
Amid the pandemic, the US, Canada and the UK reported attempts by Russian and Chinese state actors to steal, manipulate and even obstruct the development of the Covid-19 vaccine. First warnings of such activity came from a joint CISA/FBI PSA to the vaccine research community in May 2020. By July, the US Department of Justice issued an indictment for two Chinese nationals working for the People’s Republic of China. They were not only charged with attempted theft but attempted destruction of vaccine research held in the United States, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, South Korea, Spain, Sweden, and the United Kingdom.
It’s important that we continue to stay vigilant and recognize these threats as real. Today, cyber attackers act unscrupulously. Fortunately we have everything at our disposal to defend ourselves against them. With just a little effort we will indeed survive and flourish, says Dave Klein.
According to Dave Klein, there are seven ways that businesses and government organizations must take to mitigate threats, minimize damages, and recover gracefully from nation-state attacks:
- Better Vulnerability and Patching Regimen:
- Incorporate Multi-factor Authentication:
- Add privileged accounts and expiration controls to business security:
- Management and Control of certificates:
- Controls for critical business services such as DNSm, Remote Access and Active Directory:
- Better and Redundant Backup and Restore Procedures:
- Micro-segmentation Practices: