Bringing cybersecurity globally to critical and complex key activities
Understanding the cyber threat:
For several years now, the strategic risks for the security of France, Europe and, more generally, the West, have changed in nature and intensity. Today, the monopoly of violence escapes the States and war has become hybrid: civil and interstate, internal and external, material and immaterial. This observation applies particularly to cyber attacks. These transformations are profoundly disrupting democracies, their values and their institutions. Many governments, particularly in Europe, have had to face a much more dangerous cyber threat targeting the very institutions of those states and jeopardizing the proper functioning of the targeted governments.
When it comes to governments, it is necessarily appropriate to talk about public administrations. By far the biggest threat in this industry is the social engineer. Actors who can craft a credible phishing email are absconding with Credentials at an alarming rate in this sector.
Frequency of incidents in 2021: 3,236 incidents, 885 with confirmed data disclosure.
Top threats used by the attackers:
Social Engineering, Miscellaneous Errors and System Intrusion represent. Threat Actors External: (83%), Internal (17%) (breaches)
The military is high on the list for most nation-states, compromising another nation’s military through cyber actions that often cannot be traced back to the attacker.
Military vulnerability to cyber attacks is a concern for obvious reasons: weapons are dangerous, and those working in the military at this level are the highest-ranking Defence staff who are most qualified to protect the public. Yet, through underinvestment, lack of awareness, rapid technological advancements in hacking software and any number of factors, cyber attacks on military weapons are an increasingly prevalent threat.
Indeed, many weapons or the systems that control them are vulnerable to some form of cyber attack. These attacks can occur without the military teams controlling the weapons being aware of them. These weaknesses have been referred to as ‘critical cyber vulnerabilities’. For five years, US Department of Defense testers have routinely discovered these vulnerabilities in almost every weapon system under development or in circulation.
This is made possible by a large number of advanced weapons systems developed by private companies, which have factory-defined passwords on arrival. These passwords have remained unchanged, allowing them to be easily found online. Vulnerabilities found in military systems included the ability to turn a weapon on or off, affect missile targeting, adjust oxygen levels or manipulate what controllers see on their computer screens. All would be devastating in a real combat operation and could result in loss of life.
As local governments and municipalities have gone increasingly digital and process more and more data, they have become attractive to cybercriminals. Indeed, these local entities combine two central elements that make them particularly appealing to malicious adversaries: the possession of high-value data that can be used in identity theft, including tax records that compile PII, and the magnitude of vulnerabilities that are the result of these organizations’ underinvestment in their IT security due to financial constraints. A 2020 study showed that 97% of city employees transfer sensitive documents via their email boxes. Finally, the criticality of certain operations performed by local makes them prone to paying ransomware to ensure business continuity. In 2018, Iranian hackers launched a massive ransomware attack against city computer networks. The scale of the incident created a disruption in the operation of law enforcement, court processing boxes, payment of parking tickets and a halt in operations at Hartsfield-Jackson airport. The city of Baltimore also fell victim to ransomware attacks in 2018 and 2019, causing server paralysis and disruption to its 911 emergency call center. A coordinated ransomware attack also targeted 22 small towns in Texas, resulting in ransom payments of hundreds of thousands of dollars.