Back in the day, the picture that sprang to mind when someone said “cybercriminal” was “hacker.” In other words, hackers were an individual or small groups of individuals who illegally broke into systems for multiple motives. At the time, ascertaining the hackability, sowing disruption, and financial gain were on the top of the hacker’s list.
Political Motives Increasingly on the Rise
That version of cybercriminal has not gone away, of course. But increasingly, it’s becoming clear that some cybersecurity issues are also being poised from political motives. Countries are employing people to break into computer systems for multiple reasons: to obtain state secrets, make governmental entities pay a ransom, or simply to wage a cyber version of warfare, disrupting communication and internet of things (IoT) capabilities.
There are times when political cybercrime has hit only government entities. Recent ransom requests to the city of Atlanta, for example, and the alleged Russian interference in U.S. elections are two notable technology news examples.
But companies are far from exempt in political cyberwarfare. They can be the means by which political damage is done, or unwittingly provide an entry point for politically aimed cyberattacks that spread.
Take the massive breach that disabled the computer system of Danish shipping company Maersk. As outlined in a recent issue of Wired, the company’s computer system went down due to a computer based in Ukraine. Russia was massively disrupting multiple institutions in Ukraine, conducting something of an undeclared war against the country. Those efforts inadvertently disabled a Ukraine-based computer loaded with software enabling the cyber warfare—and, by accident, Maersk software as well.
By the time the breach spread, Maersk’s company computing system was entirely disabled in a matter of seconds.
First, the company had to furlough its workers until the computers were up and running again, which took several weeks. Second, and even more disruptively, global cargo at ports around the world were disrupted, thanks to the Danish company’s global reach and its extensive IoT-based methods of loading and unloading cargo.
Digital systems that ensured tracking, monitoring, loading, and unloading at world ports were simply unable to function in the wake of the attack, causing Maersk—and companies who shipped with it—billions of dollars in losses. What that means is that companies are in the political cyberwar line of fire, whether cyberwar activities seem related to their business or not.
Companies need to be proactive to stop politically motivated cyber warfare from affecting their systems.
Proactive Steps Are Best
What can companies do to protect themselves?
Although state-of-the-art security systems and continual monitoring of computer systems are of course necessary, they alone aren’t sufficient to guarantee security.
Nor can the U.S. government be relied on to protect companies from cybercrime stemming from foreign countries. As a recent article in Harvard Business Review points out, the government’s role in the evolving wave of political cybercrime is uncertain at best.
The best method of protection is to hire analysts to proactively monitor company systems for signs of cybercrime, be it disruption or espionage about the company’s products and plans. In addition, companies need to hire analysts who can think proactively about both how foreign actors might exploit weaknesses in the system and unanticipated consequences.
Cybercrime from political actors is a new reality, and business leaders must be prepared to meet it.