How Can a Country Profit from Cyber War?
Is it possible for a country that does not aim to spread ransomware and support hacking to profit from cyberwar? The answer is yes. Cyber attacks do great damage, but investment in defense promotes business activity. And the provision of cyber protection services is quite substantial. At ITAPA 2019, this topic was presented from a different perspective by two countries- Israel and Estonia. The two countries that are under the greatest cyber attack and are therefore the best source of inspiration.
Cyber attacks are not only annoying but also expensive. In 2017, cyber crimes caused more than $ 600 billion worldwide damage. A year later, it has exceeded a trillion and it continues to grow exponentially.
In addition, the attackers are savvy and diligent. On average, new malware occurs every 4.3 seconds. Altogether, this represented more than 7 million new malware cases in 2017, which is almost 60 times more than ten years ago. These are no longer individual attacks, it is a real war.
Is it even possible to prevent a country's critical infrastructure from cyber torrent? Yes, it is. Countries that face the most dangerous cyber threats are great examples of how to use such a situation to their advantage with relatively limited resources for self-defense. What recommendations do they have for Slovakia?
Israel
Israel was not only able to defend itself successfully but also, thanks to its experience, Israeli companies providing cybersecurity services have become extremely competitive in this matter worldwide. In 2018, these companies employed more than 20,000 workers and were able to sell services for about $ 6 billion abroad (2017). And what is Israel's own national security strategy?
Yosi Aviram from Israel National Cyber Directorate presented in three points the strategy followed in Israel:
1. Ability to function without failure by reducing and preventing cyber threats. It is basic cyber hygiene that includes rules that all of us know. Regular password change, strong password, antivirus updates, etc.
2. Ability to handle individual attacks and restore normal functioning. The system is already tested for resistance to attacks. According to the slogan "sharing is caring", the Israelis have built a Cyber-net platform. This "Facebook of Cyber" allows anonymous sharing of hacker attacks. When a bank anonymously reports a security cyber incident, other banks are aware of this within 20 minutes and can respond accordingly.
3. National efforts aimed at cutting-edge cyber threats. This includes international cooperation as well as addressing the lack of experienced people. Israel is actively working to develop international computer security legislation. In an effort to attract more experts, the State of Israel has launched a National Program to Support Cyber Research Centers at Israeli universities.
Estonia
Estonia is the first country in the world to move its data and digital operations away from the country due to the attacks. Just as countries once moved their gold reserves across the ocean in times of war, these are the dates that travel to safer areas. Surprisingly, the virtualization of state processes and their reliability led to an increase in the number of taxpayers by more than 50,000.
Sergei Butenko, Dell Technologies, spoke about the government cloud of this Eastern European country in the autumn ITAPA. How are the priorities set in Estonia?
1. Estonia built the Data Embassy in 2017. It is an extension of the government cloud. The Estonian government owns servers built in other countries. These serve to ensure that in the event of a cyberwar they will be able to re-launch their systems within 15-20 minutes.
2. No one has perfect software without errors and vulnerabilities. Most security attackers rely on a short period of time when a system is weaker so they can attack it. Estonia seeks to minimize such times of vulnerability. All the system corrections are fully certified on the vendor side before being implemented.
3. Regular software updates are one of the key components of a more secure system.
Estonian state online services are very reliable thanks to investments in cybersecurity. One of the benefits of the Estonian system is, for example, the increase in the number of taxpayers after the introduction of e-Residence. This service allows people who do not live in Estonia to apply for a secure virtual residence. The state will issue them with a smart ID identity card with which they can make digital transactions and sign documents. As Estonia is a member of the European Union, e-Residence holders can easily trade with all EU countries. At the same time, they are confident that their transactions and data are secure due to the high security of the Estonian government cloud. With this service, Estonia has more than 50,000 new taxpayers. You can listen to the whole presentation of Sergei Butenko here.
If you want peace, prepare for war. The war is here. Is Slovakia ready for it? Is it ready for a cyberattack on critical infrastructure? Can we be inspired by examples of countries that are similar in size or in history? Can we be inspired by the fact that a well-managed defense can also bring benefits in the form of an increase in business activity?
Cybersecurity will also be one of the top topics at the ITAPA 2020 Spring Conference. Find out what the latest trends are, get inspired and register today.