Dispatches from the Cyber War
In WWII, a lot of bombing runs over Germany and Japan did not target military installations. Instead, they targeted vital industrial capacity. The idea was to cripple their capability to create weapons of war. In today's Cyber War, we see the same thing. The recent Wired article on the cyber-attack that brought down much of Europe and world-wide shipping illustrates that any company connected to the Internet is a target in today's Cyber war.
We are in a Cyber War. Any place around the world where bullets are being exchanged, there are also teams working on the Internet to disrupt operations. Any computer now connected to the Internet is on the "front line". Just like how bullets travel farther than the battlefield, those Cyber actions are travelling far and attacking computers anywhere in the world. The attack described in the Wired article appears to be targeted at Ukraine, but traveled much further and nearly took down all shipping traffic around the world.
For a while now, the common assumption for computer security was that we only had to worry about cyber criminals attacking individual companies. While that industrial espionage is still occurring, we are now seeing broad attacks on all companies and infrastructure.
In WWII, there are many people who do not want to change their lives because of the war. There were many who resented the rationing and went "black market" to get what they wanted. There were those who refused to follow the blackout regulations.
Today, we have many people who do not realize that this Cyber War can affect them. Stories are told from IT departments of computers that had been grossly infected with viruses. There are companies that keep a ransomware attack secret. Even places that are security conscious have had people break security. The Internet has happened so quickly that we, as a society, do not intuitively understand the security needs.
It helps to look at biology to understand some of the security needs. In biology, we have layers of protection against biological attacks. Our skin is hostile to a number of bugs. We several other layers of protection including "rapid response teams" of reactions to eating or breathing a hostile element. The more vital a system, the more protection we have for it. Thus, our brains are protected from illnesses that can affect the rest of our bodies.
Likewise, in a company, there needs to be layers of security depending on how vital the systems are. We do well to plan for being attacked, figure out what systems need extra layers, what to do when an attack happens, how to identify an attack as opposed to human error or machine failure, and practice how to recover after such an attack.
In the Wired article, the shipping company nearly did not recover from the attack. They were lucky to find a system that had been disconnected from the Internet during the attack and thus, were able to rebuild their system. What would you do?