The internet has become yet another front for international warfare over the past decade, which makes robust enterprise cybersecurity an increasingly difficult and high-stakes endeavor.
From parents around the world asking kids to put away phones at the dinner table to soldiers on the battlefield striving for “information superiority,” the internet has had a big impact on both the way humans connect with each other and the way we protect ourselves. A similar dynamic has emerged in business — the same tools and technologies that power global enterprise also enable global cybercrime, which means today’s enterprises must contend with threats not only from here at home, but from every country in the world.
Transnational cybercrime is something that government authorities have had to contend with for years, but has captured the public’s attention since the 2016 election cycle. During that election, Russia-backed hacking groups Fancy Bear and Cozy Bear allegedly used a straightforward spear phishing attack to breach the Democratic National Committee’s servers and steal hundreds of politically damaging emails.
Russia-backed hackers also attacked the systems of voting authorities in as many as 39 states. In Illinois, for example, hackers compromised some 90,000 records — including the names, dates of birth, genders, driver’s licenses, and partial Social Security numbers of 15 million Illinoisans — by infiltrating servers at the state’s board of elections.
These politically-motivated cyberattacks aren’t limited to American soil. In 2012, Saudi Arabia was hit by the devastating Shamoon virus, an attack that wiped the disks of more than 30,000 computers at the state-owned oil company Saudi Aramco. In all likelihood, the attack was perpetrated by hackers based in Iran, Saudi Arabia’s foremost geopolitical rival in the region. Similarly, the DPRK has been accused of launching repeated cyberattacks against its regional rivals, in particular South Korea. According to an in-depth investigation by Fortune, North Korea’s March 2013 DarkSeoul attack “caused $700 million in damage to South Korean banks and broadcasters, freezing ATMs and erasing the hard drives of 30,000 computers.”
Unfortunately, private companies often end up as collateral damage of state-sponsored, politically motivated cyberattacks. While government authorities generally have the resources and know-how needed to combat transnational cybercrime, many enterprises do not, and end up suffering as a result.
For instance, last June, Russia-backed hackers unleashed NotPetya malware on nearly 2,000 Ukrainian banks and government agencies. The attack — which took place on the eve of a Ukrainian holiday celebrating the ratification of the country’s first post-Soviet constitution — was clearly intended as a massive counterstrike in the ongoing Russo-Ukrainian conflict. Nonetheless, the malware quickly spread to systems all around the world.
According to the New York Times, hospitals across the United States were unable to create electronic records for over a week after the healthcare software maker Nuance Communications was compromised by Russian malware. The shipping giant Maersk was hit even harder, as it was effectively unable to conduct business for two days. CNBC reports that, all told, the NotPetya attack cost Maersk as much as $300 million in lost revenue.
Of course, enterprises are vulnerable to direct cyberattacks by international actors, as well. The infamous, stranger-than-fiction 2014 Sony hack destroyed half of the company’s global network, including “everything stored on 3,262 of the company’s 6,797 personal computers and 837 of its 1,555 servers.” The attack — which many experts say was perpetrated by state-sponsored North Korean hackers — resulted in leaks of unfinished move scripts, incendiary emails, salary lists, and over 47,000 employees’ Social Security numbers.
As the Sony and NotPetya attacks (as well as many others) clearly demonstrate, enterprise IT teams are typically ill-equipped to handle transnational cybersecurity threats. In truth, many enterprises simply don’t believe comprehensive cybersecurity is possible — at least not at a reasonable cost. “We literally could go broke trying to cover for everything,” argued Sony Senior VP for Information Security Jason Spaltro. “I will not invest $10 million to avoid a possible $1 million loss.”
Needless to say, Spaltro’s approach didn’t pan out so well. That said, building and maintaining robust enterprise cybersecurity is a difficult endeavor, the costs of which can spiral out of control if not done properly. That’s why enterprises would be well-served by partnering with a cybersecurity expert like Turn-key Technologies (TTI).
With over two decades of experience, TTI knows how to support corporate networks against all potential threats without compromising network performance or inflating IT budgets. In today’s digital wilderness, we have to pay as much attention to threats from St. Petersburg, Russia, as we do to threats from St. Petersburg, Florida — and to do so on an enterprise scale, you need all the help you can get.