Everyone from developing nations to world-leading economic powers has either adopted or is in the process of adopting digital forms of operations. But as is the case with any technological advancements, despite making our lives easier, they can also be incredibly damaging in the wrong hands. When it comes to national security, digitalization presents a whole new set of threats, with global geopolitics playing out by nation-states and groups with specific agendas, moving the target for war to cyberspace.
Cyberattacks as a method of warfare
Geopolitical unrest takes on a new dimension with warfare now being conducted through cyberattacks rather than military warfare. State-sponsored cyberattacks target critical information and infrastructure of a country in order to cripple them and use it to gain political and economic leverage.
The internet is omnipresent – available anywhere globally. This worldwide access to the internet also means that a cyberattack could literally originate from anywhere across the globe. Despite the best security controls, critical government infrastructure is heavily reliant on the internet and remains the target of malicious intent, political agendas, or state-sponsored attacks.
Black hat hackers that engage in cybercrime for their own financial gains, agendas, and other malicious national-level motives, are constantly coming up with new attack patterns that can leave even the most adept cybersecurity professionals susceptible to their attacks. These hackers usually conduct deep research and reconnaissance before targeting politicians, defense leaders, and critical organizations like the NHA or the telecommunication sector. Infinite possibilities, coupled with services like VPNs that can mask the IP addresses of hackers make it next to impossible to trace an attack back to its point of origin. Pinpointing the origin of cyberattacks remains one of the biggest challenges in information security.
Some recent cybercrimes on government institutions
DDoS Attack on Russian Defense Ministry Website – The Russian Defense Ministry was hit by a Distributed-Denial-of-Service (DDoS) attack on 16th July 2021, which they claim to have been executed by a foreign entity. Although the attack didn’t end up damaging infrastructure, it coincidentally occurred on the same day they were to discuss digital security with U.S. delegations.
Cyber-disruption on Iran’s Transport and Urbanization Ministry – Iran’s transport and urbanization ministry suffered a cyber disruption in its computer systems on July 2021, which took its websites out of service. The cancellation and delay messages showing at most stations in the country created chaos among its people. The failure of electronic tracking systems of trains across Iran and the denial of a cyberattack left its citizens perplexed.
Ireland’s Health Service Executive Ransomware Attack – Cybercriminals believed to be operating from Russia launched a ransomware attack holding the Health Service Executive’s (HSE) data hostage on May 2021. The attack forced Ireland’s publicly funded health care system to shut down its entire IT system. Although their COVID -19 vaccination program was unaffected, without access to patient records, there were delays in testing and cancellations of medical appointments. The group of cybercriminals demanded a ransom of $20 million for their patient records.
Apart from these cybercrimes, the ongoing Russian invasion of Ukraine has also seen its fair share of cybercrimes with undercover operations on both sides being used to obtain crucial information required during the warfare. The hacker collective Anonymous has also vowed to continue its cybercrimes on Russia.
Cyberattacks targeting critical industries can send a country into turmoil and in some cases, even prove to be the downfall of particularly vulnerable countries. It is up to the leading nations of our world to take a united stand against these criminal attacks to defend not only themselves but also countries that cannot protect themselves.
What does a national-level cybersecurity program look like?
At the end of the day, geopolitical attacks are cyberattacks, with the specific intent that serving a political interest. Whether the attack is being targeted by another country or local entities, it remains a cyberattack. The difference is that the data or information theft from such an attack may be in the hands of another country that can leverage it to gain an advantage or make use of it politically. Similarly, sensitive industries like power, banking or healthcare can also be at risk of being targeted in such geo-political circumstances.
As with any other cyberattack, the general security best practices are applicable even in the case of national security. The United Nations published an updated guide to developing a national cybersecurity strategy in 2021, which is a comprehensive approach developed by experts. It covers setting up a national authority, taking stock and analyzing the risk landscape, and drafting and implementing a strategy.
Besides setting aside a substantial budget for cybersecurity, countries must also have a detailed national and state-wide policy governing the monitoring and actions around cybersecurity. Among the actions deemed to be important are the protection of critical infrastructure and sectors such as power and banking, securing the supply chain of Integrated Circuits (ICTs) and other electronic components, developing capacity for assessment and certifications, cybercrime investigation and other research, and preparing for defensive and offensive cyber warfare.
Global and National laws on cyber-warfare
Although we are seeing progress with cybersecurity and cyber laws with each passing day, hackers are also constantly finding new ways to breach our systems. The global increase in cybercrimes further reinforces the need for robust cyber laws not only in India but on an international level. India is set to implement a new VPN law in 2022 that makes it mandatory for all service providers to store user information for a certain period of time in an effort to reduce cyberattacks
The fact is that government websites house some of the most critical national information, so the Government must allocate a significant amount of resources dedicated to safeguarding digital information and implement a cyber security policy to combat breaches. Laws like the Information Technology Act of 2000, Companies Act of 2013, and The National Institute of Standards and Technology’s (NIST) Cybersecurity Framework do a decent job of governing Indian cyberspace. Cyber lawmakers need to stay vigilant of new threats and loopholes in the cybersecurity space and update cyber laws consistently to keep pace with the rapid developments in cyberspace in order to minimize breaches. Educating citizens through cybersecurity awareness programs and effective cybersecurity tools is another way to fortify the security of our systems and shield our sensitive information from worldwide threats.
Addressing the issue at an international level is also an integral part of the solution. Establishing a new international law governing cyberattacks, that is updated as per developments in cyberspace will greatly reduce the likelihood of such attacks. A law that transcends borders will allow countries to work together and implement measures that not only reduce cyber warfare but also trace perpetrators down to their endpoints.