How to prepare for the inevitable global cyberattack

Lessons from COVID-19


While globalization has created economic and political opportunities for many, it is also responsible for the rapid spread and destruction created by COVID-19.
 
But if we thought that the effects of this biological contagion were massive (and they were), we can be fairly certain that the effects of a global cyberattack will be just as significant, if not worse. Here are three lessons we've learned from coronavirus that shed light on the true scale of a future cyberattack:


  1. A digital virus will spread much quicker and farther than coronavirus.
  2. The Reproductive Rate (or R0) of COVID-19 is estimated to be between two or three without any social distancing in place. This means that for every person who gets infected, they pass it on to at least two other people. This is an important measure of how contagious the virus is, and consequently how quickly it spreads. For example, researchers estimate that the infected population in New York state was doubling every three days before the lockdown was put in place. Pretty quick, right?

    Let's compare this with digital viruses. The 2003 Slammer/Sapphire worm, one of the fastest worms recorded, doubled in size every 8.5 seconds, infecting nearly 11 million devices within the first 24 hours. This puts cyberattacks in the vicinity of an R0 of 27 or above. Similarly, the 2017 WannaCry attack crippled systems in 150 countries before it was brought under control.

    Furthermore, while coronavirus was detected within weeks or months, zero-day exploits have been known to operate undetected for years. For example, Stuxnet, a virus that successfully compromised the Iranian nuclear program hid itself for 18 months before launching an attack. If we extrapolate this to a virus which spreads through a popular social media application like, say, Facebook, we could be looking at over one billion infections within five days (assuming a relatively low R0 of 20).

  3. The economic impact would comparable to that of COVID-19 (if we're lucky).
  4. Researchers estimate that a successfully executed global cyberattack would render 5% of infected machines inoperable, 15% would need to be wiped and systems reinstalled, and 30% would be asymptomatic while continuing to spread the virus. Accordingly, the only way to slow the spread would be to enforce social distancing which, in this case, would entail disconnecting all devices from one another as well as from the internet. This NetBlocks tool estimates that each day without internet will cost the world over $50 billion dollars, meaning that we'll lose $1 trillion dollars every three weeks. And this is in addition to all of the direct losses resulting from the virus itself as well as the psychological toll resulting from a sudden and complete loss of internet.

  5. Recovering from the attack will pose unprecedented challenges.
  6. The sorts of shortages and supply chain disruptions that we saw with PPE will only be magnified by a cyberattack. If we estimate that 5% of machines will need to be replaced, this will amount to nearly 100 million new devices. These will need to be manufactured without proper logistics, connectivity, and machinery. Also, how do you roll out patches and reinstall systems without any internet connection?

    Furthermore, if we look at where these devices will most likely be manufactured, we can see that political tensions will escalate extremely quickly. Currently, China produces the overwhelming majority of phones, TVS, and computers.


What can we do to prepare?

A good starting place is to implement Silent Breach's Five Cybersecurity Resolutions for 2020. These include:

  • Move from DevOps to DevSecOps
  • DevSecOps begins with DevOps' commitments to continuity and automation and merges them with the principle of security-by-design, creating a single, streamlined SDLC that is both more efficient and more secure.

  • Partner with a Managed Security Service Provider
  • There are a number of advantages that MSSPs provide over traditional in-house IT departments including: focus, cost effectiveness, superior protection, compliance, scalability, and SLAs.

  • Invest in Continuous Monitoring
  • The past decade has seen the meteoric rise of various SaaS applications, and cyber security is no exception. Now, with products like Quantum Armor, you can monitor dozens of applications and thousands of endpoints with a simple subscription model.

  • Cultivate a Cybersecurity Culture
  • Information security cannot be contained in a set of regulations or handed off to a security department. To be effective, it must lead to a complete transformation in organizational priorities and culture. This means introducing training workshops, awareness programs, and top-down messaging that shows employees that your organization takes cybersecurity seriously.

  • Empower Your CISO
  • The ability of CISOs to function as a core member of the board will be the defining security trend of 2020. In crucial ways it will be cultural adjustments such as these that will provide the sorely needed increases in expenditures and commitments necessary for an effective and efficient cybersecurity program.


Contact Silent Breach today for help with implementing any of these programs or to schedule an organization-wide cybersecurity audit.


About Silent Breach: Silent Breach is an award-winning provider of cyber security services. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and IoT industries.