David Tolfree, independent science and technology consultant
Since World War 2, and the era of the Cold War that followed, World War 3 has hovered like a malevolent spectre over the world. Wars employ a country’s military, which uses physical weapons. Today, advanced technologies enable sophisticated forms of weaponry such as wirelessly-controlled flying drones to be deployed to enemy targets by operators located many thousands of miles away, thus eliminating physical contact.
Now, as we near the end of the second decade of the 21st century, a more dangerous enemy has evolved that threatens global security. More dangerous because of the invisibility of its wide diversity of players, with their different intentions. We have entered the stealth war, described by some as a cyberwar. The battleground is the Internet and the weapons used are based on a range of emergent digital technologies. The enemies are basically people with criminal intent who want to extort money or further their political aims by disrupting society’s infrastructures. They can be lone individuals with personal motives, terrorists, companies or state governments. Known as hackers, they create malicious software called malware that infects computers and can then disrupt, convert and even take possession of their programmes, often without the users’ knowledge. Malware, commonly spread via emails or attachments, can take many forms. It acts like a virus, possessing an executable code that can affect all computers linked by networks.
The World Wide Web, devised by the CERN physicist Tim Berners-Lee in 1989, led to the realisation of the Internet in 1999. The Internet empowered people everywhere with the freedom to communicate at any time and from any place, however, such power has provided an opportunity for hackers. Since the widespread use of personal computers back in the late 1990s, hackers have lurked in the shadows. At first, they were clever young people who treated hacking as a game to test their computer skills, but when they discovered that hacking could be very lucrative, some used it to perpetrate unlawful acts.
Today, hacking is big business, often carried out by professional groups who operate in what is known as the dark web, a hidden part of the Internet where criminals can hide undetected. Using complex encryption software such as malware, a whole new underground industry has thrived in what is virtual enemy territory. The threat to business and commerce is serious enough, but its growing use by terrorist groups and some rogue states now raises the threat level, putting at risk the security of the world’s economic structure. It is not always realised by countries with protectionist trade policies who do business with those who have weaker data security systems that hackers can easily penetrate and gain access to private and confidential data.
Cyberwar is like a cat-and-mouse game. Software developers continually upgrade protective walls against new malware but hackers find ways of overcoming them. Unfortunately, many companies and organisations—and in particular, public bodies—have computer software and data transmission and protection systems based on 20th century technologies, many of which were developed over two decades ago. These urgently need upgrading to combat new cyberthreats.
In our digital era, the Internet has produced an inter-connected world and fuelled global trade. The growing reliance on the Internet for the exchange of data by all sectors in business, manufacturing, financial services, etc. means that data breaches by cybercriminals have a profound impact on society. According to Intel, by 2020 there will be 200 billion wirelessly connected devices worldwide1, and as the Internet of Things (IoT) becomes part of everyday life, it will provide a fertile landscape for hackers.
The main issues of data security and protection were highlighted in my article Facing up to the reality of data security and protection, published in the August 2018 issue of CMM2. In that article, I made specific reference to the new technologies, such as quantum communication systems, that will provide improved defensive weapons to combat the unfolding cyberwar. This article is intended to extend awareness of the implications of that war for manufacturing processes, the business world and the governance of countries by highlighting some of the key issues. It is a complex and topical subject, which attracts media attention on a daily basis.
The cyberattacks in recent years on British Airways (BA), Dixons Carphone, Facebook, Tesco Bank and the National Health Service (NHS) demonstrate that the war is now hotting up and becoming a very serious threat to businesses. These are just some examples that were made public, but there are many more breaches that have not been reported. New regulations and laws are in place to ensure that fines can be imposed on companies and organisations that do not have secure data protection systems in place. Below is a short scenario of what could happen when a cyberattack is made on our infrastructure.
A day when the lights go out
A crowded underground train in London stops between stations during rush hour and all the lights go out; 5, 10, 15 minutes go by. The prolonged darkness and lack of communication from the driver causes passengers to panic. Mobile phone networks and the Internet cease to work. Traffic lights fail, and roads are jammed so emergency services cannot operate. Airports close and planes are grounded. Hospitals cannot function. Water cannot be pumped to the service reservoirs, and many other utilities fail. Banks and businesses are disrupted. Communications are severely limited, and so the Government is forced into a state of emergency.
The above is an example of what could happen when a small number of people hack and take control of the computer systems that operate our many public services. The perpetrators could be anywhere in the world and disappear before being identified. Since most of the services rely on interconnected computer networks that have minimal emergency back-up, they can be easily disrupted by a targeted cyberattack. There are specific contingency plans to counter some of the attacks highlighted in my example, but if they are known by the hackers, they can also be overcome.
We are currently concerned about the political, economic and security issues associated with Brexit. These are important to the UK, but the havoc and disruption to the nation’s infrastructure and the wider ramifications for the global economy of a cyberwar pose a more serious threat to which no country is impervious.
Unfortunately, in most countries, countermeasures to cyberattacks are not well developed. Paradoxically, since about 50 percent of the world’s population is not yet connected to the Internet, those individuals are more secure, although this percentage will decrease in the near future. Their countries, however, will suffer as they are vulnerable to the chaos that would follow an attack on their infrastructure.
It is likely that all readers of this magazine, either as individuals with bank accounts or companies with commercial intellectual property, have been or could be casualties of cyberwarfare. There are some similarities between a cyberwar and the proliferation of nuclear weapons in the Cold War era. Then, the potential enemies were known, so both offensive and defensive measures were developed to counter them. In a cyberwar, however, a strong defence is the most effective way to counter potential attackers.
The threat to individuals
Attacks on individuals are mainly thefts of personal data, for example, personal and business bank details, financial transactions, and health records. Ransomware is one of many forms of malicious software used for this purpose. It threatens to publish the victim’s data or perpetually block access to it until a ransom is paid. This form of illegal blackmail is often successful because the cost of the alternatives such as the loss of customer confidence in a business or a public body can be much greater. According to the results of a 2017 survey undertaken by Accenture in the UK3, 13 percent of the population has had their personal medical information stolen from databases.
The threat to businesses
Most companies and businesses are dependent on the digital economy and the Internet for growth. Generally, it is lack of awareness and poor software protection that make companies vulnerable to attack. The need to allocate increasing budgets to update their data security places a burden on companies’ resources so it is often neglected.
The results of a survey on cybercrime, carried out across 16 industries and involving 355 companies in 11 countries, have been published in Accenture’s 2019 annual report4. It was found that there had been a 67 percent increase in cybercrime over the last five years. According to a 2018 study carried out by the Ponemon Institute5, the global average cost of a data breach is US$3.86 million. These costs result from fines, loss of business through a lowering of customer confidence and ability to deliver on contracts, and the need for extra security. All major trading countries are now being affected by cybercrime. The US, China, Germany and the UK have been ranked as those most affected6. Further surveys are being carried out to assess the current rate of increase in crime, stimulated by the growing number of cyberattacks on key installations.
Victims of the cyberwar are increasing, but the nature of the war makes it difficult to collect precise statistics. A 2018 survey conducted by PricewaterhouseCoopers (PwC) gathered data from 7,228 respondents and revealed that, over a two-year period, 49 percent of global organisations had experienced fraud and economic crime, and 31 percent of these had fallen victim to cybercrime7.
Many manufacturing companies are concerned about their vulnerability to cyberattacks on automated manufacturing systems that depend on artificial intelligence (AI). If this is corrupted by false data and therefore wrong instructions, then chaos on the production lines would result.
The threat to infrastructure and governance
The cyberwar has taken a step up. People or groups intent on destroying or disrupting a country’s infrastructure, forcing governments to devote more resources to fight them, now have access to the new computer and communications technologies on which 21st century society is based. The effects of a cyberattack are, to an extent, comparable to a pernicious virus that is capable of initiating a global pandemic and killing millions of people. It may not directly kill people but the resulting social and economic disruption caused could have a similarly devastating effect on lives, particularly in poorer countries that do not have the resources to combat it.
The consequences of a cyberwar on our infrastructure and governance are the most serious of all threats because terrorists are increasingly using it alongside physical attacks. They use media outlets to propagate fake news, sometimes with far-reaching political and social reactions. The majority of people have mobile phones to such news can be instantly sent.
Future threats and 5G networks
The exponential advance of digital technologies is moving more human-to-device communication to wireless connectivity. Precision wireless technology will underpin driverless transport, smart factories for high-tech robotic manufacturing, mobile healthcare, the development of smart factories and cities, and many other sectors.
The next big step is 5G mobile wireless networks, which will have dominance in all communication systems. 5G uses entirely new wireless infrastructure to achieve up to 10 Gbps data flow, which can be 100 times faster than existing 4G networks. It will accelerate downloading and almost eliminate processing delays experienced with the latter. It will also accelerate the IoT revolution, designed to connect billions of machines, appliances and sensors at a low cost with minimal power requirements. The dark side of 5G is that with its vastly increased capabilities, it opens up an effective gateway to cybercriminals who will be able to spread malware infection faster and farther with more devastating economic, societal and political consequences.
The suppliers of 5G technology for the next generation of wireless networks are giving the security services in many countries significant cause for concern. Those that produce the devices capable of using 5G will have a market dominance with broader cybersecurity implications. They will possess greater data-gathering and surveillance capabilities, so pose a potential threat to business and national security.
Cybersecurity programmes
The governments of major industrialised countries where digital technologies and the use of the Internet for data exchange is vital are investing in cybersecurity programmes. On April 30, 2019, the anniversary of Tim Berners-Lee’s creation of the World Wide Web, the UK launched the National Cyber Security Centre (NCSC) in Glasgow, which is part of Government Communications Headquarters (GCHQ)8. It aims to provide people and companies with the necessary expertise and knowledge to protect the data networks and services on which the UK depends.
The European Union Agency for Network and Information Security (ENISA) has been set up to provide support for the member states and EU institutions and businesses in key areas, including the implementation of the Network and Information Security (NIS) Directive9.
The US National Cybersecurity Protection System (NCPS), operationally known as the EINSTEIN, provides a technological foundation that enables the Department of Homeland Security (DHS) to secure and defend the federal civilian government’s information technology infrastructure against advanced cyberattacks10.
What must be done for future cybersecurity
Society and organisations need to achieve greater resilience to the cyberwar by limiting the security risks inherent in new digital technologies. There is, therefore, an impending demand for wireless devices and products with embedded data protection systems. This will require an innovative rethinking of the design and manufacture of such systems. The security implications of 5G networks and the aforementioned new regulations will, of course, make their use mandatory, which will provide unparalleled opportunities for high-tech enterprises and companies in all service sectors.
The real challenge in fending off a cyberattack is launching a quick enough response. Such attacks can go viral and instantaneously global through social and news media. False news and facts can rapidly affect markets and shares, and produce misplaced business, military and political reactions. This has been a prominent feature of the cyberwar in recent years. The shortage of trained staff in the appropriate information and communications technologies required to provide counter-measures is also a problem for many companies. The best people tend to work for government security agencies.
Alongside the technology and logistical issues referred to above, complacency is also advantageous to the enemy. The notion that ‘it can’t happen to me’ is a problem. This is because it has not yet, but in time, with absolute certainty, everyone will be a victim or a casualty of the cyberwar. The consequences for society are far-reaching unless restrictive measures are taken. The war cannot be won, but it can be limited. New technologies alone will not be able to solve what is essentially a human problem.
David Tolfree, independent science and technology consultant
References
1A guide to the Internet of Things infographic, how billions of things are making the web wiser [infographic]. Intel. Available at: intel.ly/2W7Gm72
2Tolfree, D. (2018). Facing up to the reality of data security and protection. CMM; volume 11, issue 4. Available at: bit.ly/2XQOQQC
3One in eight consumers in England have had their healthcare data breached, Accenture survey reveals [press release]. April 25, 2017. Accenture. Available at: accntu.re/2IIMhwx
4Bissell, K., Lasalle, R.M. and Dal Can, P. (2019). The cost of cybercrime, Ninth annual cost of cybercrime study [research report]. Accenture. Available at: accntu.re/2vDEjfk
52018 cost of data breach study: impact of business continuity management, Ponemon Institute research report. IBM. Available at: ibm.co/2DQ4moi
6Sumo3000 (2017). Top 20 countries found to have the most cybercrime [press release]. April 21. EnigmaSoft. Available at: bit.ly/2VunLF8
7Pulling fraud out of the shadows, Global economic crime and fraud survey 2018. PwC. Available at: pwc.to/2PwfN9b
8National Cyber Security Centre (NCSC) [homepage]. Available at: bit.ly/2H545zR
9European Union Agency for Network and Information Security (ENISA) [homepage]. Available at: bit.ly/2Wn453g
10National Cybersecurity Protection System (NCPS) [webpage]. Department of Homeland Security. Available at: bit.ly/2UZoTBr