Is a ‘Cyber Pandemic’ Coming?
Posted on June 7, 2020 on GovTech
For more than a decade, security leaders predicted that a “Cyber Pearl Harbor” or “Cyber 9/11” was coming that would dramatically change society as we know it. For example, back in 2013, Secretary of Homeland Security Janet Napolitano said, “Our country will, at some point, face a major cyber event that will have a serious effect on our lives, our economy and the everyday functioning of our society.”
However, over the past few years, these bold predictions that the Internet sky is falling have largely dropped off the map – until this past week under a new name. As I have chronicled for the past several years in my annual ‘Lohrmann on Cybersecurity’ security prediction report from top security companies and media organizations, “Very few dire predictions (again) about Cyber 9/11s or Cyber Pearl Harbors or even people dying in hospitals from cyberattacks.”
The main reason that most cyber prognosticators dropped these scary predictions seemed to be an overdose of Fear, Uncertainty and Doubt (FUD) was bad for business and seemed to be getting old. Like constantly predicting the stock market will crash, people were getting tired of these messages. Rather, most experts started to shift to more of a pragmatic approach to future cybersecurity predictions, with ample research backing-up claims.
But this trend quietly changed this past week, under a new name inspired by COVID-19.
While the majority of people were focused this past week on peaceful protests against police brutality and the death of George Floyd, or rioting in some cities, or the surprisingly positive jobs numbers and stock market performance, several well-respected leaders and groups are now predicting that a “cyber pandemic” is coming soon.
First, from the Check Point CEO:
“The founder and CEO of Israeli cybersecurity firm Check Point warned Monday that the new reality created by the coronavirus pandemic will cause threats in the cybersecurity field to rise, and that countries need to protect themselves against the coming ‘cyber pandemic.’
“What happened in the last three months pushed forward five, maybe even 10 years of technological evolution,” he explained.
“More services moved online; companies removed barriers. We allowed developers to work just from within the company physically, so we could keep our intellectual property… In one day, we had to change all of that and allow people to access from home. This rapid change means hackers will find a way… The hackers can find a way to hack a personal computer of an employee and through them get into our Crown Jewels.”
Shwed added that even if the coronavirus pandemic could be less of a concern in Israel, “we need to protect ourselves against the cyber pandemic that is coming. We know it will happen, and we need to secure it.”
Next, from the World Economic Forum: “What the COVID-19 pandemic teaches us about cybersecurity – and how to prepare for the inevitable global cyberattack.
COVID-19 shows that the world is at great risk of disruption by pandemics, cyberattacks or environmental tipping points.
We should prepare for a COVID-like global cyber pandemic that will spread faster and further than a biological virus, with an equal or greater economic impact.
The coronavirus crisis provides insights into how leaders can better prepare for such cyber risks.
Lesson #1: A cyberattack with characteristics similar to the coronavirus would spread faster and further than any biological virus.
Lesson #2: The economic impact of a widespread digital shutdown would be of the same magnitude – or greater – than what we’re currently seeing.
Lesson #3: Recovery from the widespread destruction of digital systems would be extremely challenging.”
As far as definitions go, the article says that “the cyber equivalent of COVID-19 would be a self-propagating attack using one or more “zero-day” exploits, techniques for which patches and specific antivirus software signatures are not yet available. Most likely, it would attack all devices running a single, common operating system or application.”
Third, a report was released this week stating that Maritime Cyberattacks Up by 400 Percent.
“Cybersecurity consultancy Naval Dome has reported a 400 percent increase in attempted hacks since February 2020. The primary cause is an increase in malware, ransomware and phishing emails attempting to exploit the COVID-19 pandemic, but Naval Dome says that global travel restrictions, social distancing measures and the economic recession are beginning to cut into companies’ self-defense capabilities.
In addition, since OEM technicians have a harder time traveling to service systems on board ships and rigs, they are increasingly making “remote” service calls that require the operator to bypass security protections – creating an opening for a cyberattack.
‘Covid-19 social restrictions and border closures have forced OEMs, technicians, and vendors to connect standalone systems to the internet in order to service them,’ Naval Dome CEO Itai Sela said. ‘As budgets are cut and in the absence of service engineers, we are seeing ship and offshore rig staff connecting their OT systems to shoreside networks, at the behest of OEMs, for brief periods of time to carry out diagnostics and upload software updates and patches themselves.’”
Recent Cyberspace Solarium Commission Actions
Meanwhile, the Cyberspace Solarium Commission released the “pandemic annex” Tuesday, the commission is capitalizing on the attention focused on responding to the public health crisis to emphasize and augment its recommendations for digitizing critical services.
“The proposed Internet of Things Cybersecurity Improvement Act of 2019 provides a viable model for a federal law that mandates that connected devices procured by the federal government have reasonable security measures in place, but should be expanded to cover all devices sold or offered for sale in the United States,” the annex reads.
The legislation, as is, has bipartisan sponsorship in the House and Senate and passed the Senate Homeland Security Committee last September.
Another interesting development is the resurfacing (or new attention given) to cyberattacks associated with the protests and other recent events around the country. These events were highlighted by the Washington Post and other news media such as Government Technology magazine.
Over the past few months, I have released several blogs which highlight the Covid-19 cyber themes – without predicting a coming “cyber pandemic.” Some of those blogs include:
But these articles focus on the growing cyber threats during the pandemic, and not on a major new attack which may well be coming.
Perhaps the time to start planning anew for a cyberattack is now, as these global leaders recommend.