It is pretty telling that the World Economic Forum listed “Widespread cybercrime and cyber insecurity” for the first time in its Global Risks report 2023. Once a nuisance to users on the internet, cybercrime has evolved into both a massive multibillion-dollar industry AND a weapon to aid real-world conflict.
Attacks like Distributed Denial of Service Attacks (DDOS) and ransomware were just used to make money but now can be used to target governments and critical infrastructure as part of an overall military strategy. The recent report, “2022 Official Cybercrime Report by Cybersecurity Ventures,” put ransomware as the most immediate cyber threat to both governments and companies globally.
Critical Infrastructure - A blind spot
Cybercrimes have always had the potential to disrupt a person’s livelihood due to the financial impact, but attacks on critical infrastructure have the potential to disrupt entire societies. People take services like electricity, transportation, communication, water, and fuel supply as granted for the normal functioning of society, and an attack designed to impact these services can cause widespread panic.
It can also aid in eroding the confidence in the current government and help the spread of propaganda.
There is also, of course, a direct impact on life if services like the power grid or medical services are impacted. Cybercriminals are well aware of this, which is why cyberattacks have taken on a much more sinister form these last couple of years, being executed in parallel with real-world attacks.
Consider the below:
- Compromising the systems that control the water supply of a country can result in water supply contamination and a subsequent health emergency
- Disrupting the power grid can result in widespread blackouts which would have a cascading effect on other critical functions like communications, healthcare, and transport services.
- Similarly attacking the financial system can have widespread economic impacts leading to widespread panic and loss of confidence in the financial system.
- These attacks are designed not for financial benefit but for spreading fear and chaos and disrupting the very fabric of society.
A Call for a Hardware Fortress
It is essential to recognize that software defenses alone are as ineffective as a moat surrounding an already breached castle. The prevalent reliance on software solutions is akin to a firefighter focusing only on dousing the flames while disregarding the fuel feeding the fire. Cybersecurity measures must advance beyond mere software patchwork and delve into securing hardware—the physical vessels of our digital consciousness. That’s where the BACKBONE tablet can jump in and offer a solution at the base of hardware security.
As attackers evolve, they reveal that the software is only as resilient as the hardware it depends on. Ensuring hardware resilience means designing components resistant to tampering and exploitation, materials that safeguard data integrity, and fail-safes that secure operational continuity when systems are under siege.
Key attacks on critical infrastructure
Europe is no stranger to such attacks both in the past and current as evidenced by the recent Russia-Ukraine conflict.
A few notable events are listed below:
Ukraine’s power grid was targeted in 2015 and 2016, resulting in massive power outages by a Russian state-sponsored group called Sandworm.
- A ransomware attack in 2019 on the Norwegian company Norsk Hydro resulted in massive business disruption and millions of dollars in financial damage.
- The European External Action Service (EEAS), which is the EU’s diplomatic service, was targeted In 2020 by the Russian group APT29 group
- A similar group, APT28, also targeted several other EU countries and organizations with a massive spear phishing campaign to compromise their environments.
- Microsoft’s threat intelligence center recently identified a new ransomware campaign in October 2022 in which transportation and other logistics companies were targeted
- These real-world examples highlight the dangers of attacks on critical infrastructure in Europe and why robust cybersecurity measures are needed to secure against them.
State-sponsored cyberattacks are a reality that nations across Europe and the wider world need to understand and protect against. These attacks are devastating in their ability to disrupt life and cause damage on a massive scale. Governments and companies should take the below steps at a minimum:
- Implement a dedicated cybersecurity program to protect against these threats and assess their risk to the same
- Play out these scenarios against their current controls in various Incident response simulations to see where possible gaps might exist which can be exploited
- Co-operate and share information with each other so that all stakeholders are aware of the latest threats and vulnerabilities. A key aspect of Critical infrastructure attacks is their ability to have a domino effect on other industries hence it is so important.
- Attacks on critical infrastructure are designed to have both a physical and psychological impact on the working of a country. European governments and countries need to have a robust set of cybersecurity controls in place to ensure their critical infrastructures are protecting against this rising threat.