Cyberwar is here but are corporations prepared?

A recent article in Foreign Policy magazine is a wake-up call for companies that are unaware of a cyberwar being waged right under their noses. According to the author, Joel Brenner, a retired intelligence official from the U.S. National Security Agency, criminals, hackers and terrorist groups are using the internet to target a variety of industries including IT, financial services, defence and electronics. These attacks are launched for a variety of reasons, including financial gain, IP theft, political disruption or simply for kicks. Cyber risks are rising, so managers will need to understand and accept this reality and better prepare their organizations for inevitable disruptions.

So far, cyberwar has claimed many victims, some public but many private. Most risks fall into two general areas: information & IP security threats and operational risks.

Information & IP security threats

Most weeks feature disclosures of electronic fraud and massive data heists. For example, Sony’s PlayStation Network was hacked (apparently through its Amazon Cloud infrastructure), compromising the personal information of more than 100M customers. In another case, cyber thieves stole $9M in just a few hours by breaking into an international bank, creating counterfeit credit balances and looting ATMs across 4 countries. There is nowhere to hide from these threats. According to Brenner, “international gangs spread malicious code that conscripts unwitting computers into zombie armies of hundreds of thousands of similarly enslaved machines.”

Cyberwar pays. It is often cheaper and easier to steal IP than it is to painstakingly develop it. Brenner sees corporate espionage by both competitors and foreign intelligence services (or their surrogates) increasing. For understandable reasons around maintaining confidence and not admitting vulnerabilities, government officials are reluctant to speak openly on specifics while victims will rarely admit they have been targeted. Yet, two companies have gone public. Google acknowledged that a 2009 Chinese government cyber attack was about stealing their market-leading source code. Brenner asserts that thousands of other U.S. and Western firms were targeted by the same Chinese attack. In another case, Oracle publicly admitted and successfully sued SAP for stealing some of its software.

Operational threats

Virtually every company’s operations are susceptible to national infrastructure and supply chain disruptions. Operational vulnerability has been illuminated by the impact of the Stuxnet computer virus on the Iranian nuclear program. Having been introduced remotely or embedded in the firmware of the industrial control systems, Stuxnet caused the uranium centrifuges to go haywire, resulting in a major setback to the program. While good news for world peace, this case exposed the harsh reality that operational espionage is a major threat to highly automated and capital-intensive operations. While it is believed only a top-notch intelligence agency could have developed the virus, the code itself is now public, increasing the possibility of copycat attacks. For every Western organization, the national and trans-national infrastructure is the nexus of vulnerability. Attackers have numerous soft targets including the electricity grid, air traffic control, energy pipelines, water and sewage systems and railroad switches. These systems are mostly electronically controlled and networked. If an intruder can break into the right server electronically, he/she can remotely shut down production, redirect goods to the wrong location, and even unlock shipping doors – while leaving no record of ever having been there.

Western companies face a wide variety of cyber threats from all corners of the globe and within their own societies.  According to Brenner, seized al Qaeda computers have contained details of U.S. industrial control systems. A variety of terrorist groups have plotted attacks on the Australian and British electricity grids over the past 8 years. Countless numbers of individual hackers and small gangs regularly look to penetrate poorly defended IT infrastructures.  In fact, criminals can easily rent cyber weapons online, called “botnets,” to attack web sites.

How can managers deal with the onset of cyberwar?

  1. Acknowledge that their firms face serious operational vulnerability in an interdependent and wired world. Organizations need an objective and realistic assessment of which assets, data and IP can and should be protected. Moreover, managers must look back through their supply chains and equipment suppliers to understand the full impact of cyber disruption.
  2. Accept that risks cannot be eliminated, only managed. As operators of over 80% of the IT infrastructure, it is the private sector that owns this vulnerability; companies can’t depend on a distracted, heavily indebted government to save them. Furthermore, companies must reconsider their primary focus on efficiency and invest more in operational redundancies in key areas such as business continuity measures, IT & communications support and data storage.
  3. Understand that technology is only one, albeit the most obvious, aspect of the cyberwar challenge. Unless technology risk mitigation is integrated with people, process and operational elements, firms run the risk of not closing every window of vulnerability.

For more information on our services and work, please visit the Quanta Consulting Inc. web site.

