How to prepare for the inevitable global cyberattack

Lessons from COVID-19


While globalization has created economic and political opportunities for many, it is also contributed to the rapid spread of contagions such as COVID-19.
 
Although the effects of this biological contagion were massive, we can be fairly certain that the effects of a global cyberattack could be just as catastrophic, if not worse. Here are three lessons we've learned from coronavirus that shed light on the true scale of a future cyberattack:


A digital virus will spread much quicker and farther than coronavirus.


The Reproductive Rate (or R0) of COVID-19 is estimated to be between two or three without any social distancing in place. This means that for every person who gets infected, they pass it on to at least two other people. This is an important measure of how contagious the virus is, and consequently how quickly it spreads. For example, researchers estimate that the infected population in New York State doubled every three days before the lockdown was put in place.

Let's compare this with digital viruses. The 2003 Slammer/Sapphire worm, one of the fastest worms recorded, doubled in size every 8.5 seconds, infecting nearly 11 million devices within the first 24 hours. This puts cyberattacks in the vicinity of an R0 of 27 or above. Similarly, the 2017 WannaCry attack crippled systems in 150 countries before it was brought under control.

Furthermore, while coronavirus was detected within weeks or months, zero-day exploits have been known to operate undetected for years. For example, Stuxnet, a virus that successfully compromised the Iranian nuclear program hid itself for 18 months before launching an attack. If we extrapolate this to a virus which spreads through a popular social media application like, say, Facebook, we could be looking at over one billion infections within five days (assuming a relatively low R0 of 20).

The economic impact would comparable to that of COVID-19 (if we're lucky).

Researchers estimate that a successfully executed global cyberattack would render 5% of infected machines inoperable, 15% would need to be wiped and systems reinstalled, and 30% would be asymptomatic while continuing to spread the virus. Accordingly, the only way to slow the spread would be to enforce social distancing which, in this case, would entail disconnecting all devices from one another as well as from the internet. It's estimated that each day without internet would cost the world over $50 billion dollars, meaning that we'll lose $1 trillion dollars every three weeks. And this is in addition to all of the direct losses resulting from the virus itself, a precipitous plunge in financial markets, and the psychological toll resulting from a sudden and complete loss of communication.

Recovering from the attack will pose unprecedented challenges.

The sorts of shortages and supply chain disruptions that we've seen these last few years will only be magnified by a cyberattack. If we estimate that 5% of machines will need to be replaced, this will amount to nearly 100 million new devices. These will need to be manufactured without proper logistics, connectivity, and machinery. In terms of the infected devices, it will be challenging to roll out patches and reinstall systems without any internet connection.

Finally, taking into account where these devices will most likely be manufactured, we can see that political tensions will escalate extremely quickly. Currently, China produces the overwhelming majority of phones, TVS, and computers.

What can we do to prepare?

A good starting place is to implement Silent Breach's Five Cybersecurity Resolutions. These include:

  • Move from DevOps to DevSecOps
  • DevSecOps begins with DevOps' commitments to continuity and automation and merges them with the principle of security-by-design, creating a single, streamlined SDLC that is both more efficient and more secure.

  • Partner with a Managed Security Service Provider
  • There are a number of advantages that MSSPs provide over traditional in-house IT departments including: focus, cost effectiveness, superior protection, compliance, scalability, and SLAs.

  • Invest in Continuous Monitoring
  • The past decade has seen the meteoric rise of various SaaS applications, and cyber security is no exception. Now, with products like Quantum Armor, you can monitor dozens of applications and thousands of endpoints with a simple subscription model.

  • Cultivate a Cybersecurity Culture
  • Information security cannot be contained in a set of regulations or handed off to a security department. To be effective, it must lead to a complete transformation in organizational priorities and culture. This means introducing training workshops, awareness programs, and top-down messaging that shows employees that your organization takes cybersecurity seriously.

  • Empower Your CISO
  • The ability of CISOs to function as a core member of the board will be a defining security trend over the next five years. In crucial ways it will be cultural adjustments such as these that will provide the sorely needed increases in expenditures and commitments necessary for an effective and efficient cybersecurity program.



Similar Reads:
Fighting Back Against Ransomware
Are We At (Cyber) War With China?
Top 10 Challenges Facing CISOs in 2023


About Silent Breach: Silent Breach is an award-winning provider of cyber security services. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and IoT industries.