The cyber threat landscape has evolved significantly over the past decade and the changes have accelerated in recent years. Before 30 years ago, the term “cyber warfare” didn’t even exist, and the term is still somewhat controversial. Once upon a time (it was just a few years ago), most private companies had no reason to be directly involved, but the lines continue to blur between adversaries of nation states, cybercrime groups and rogue malicious actors in a way that makes virtually any business and any cyber warfare fair game. The Armis Report on Cyber Warfare State and Trends: 2022-2023 takes a closer look at the situation and provides insight into whether or not organizations are adequately prepared to defend themselves.
The report sheds light on the sentiment of global IT and security professionals on the current state of cyber warfare and industry trends. It was conducted by interviewing over 6,000 IT and security professionals from around the world across all major industry verticals and provides valuable insights into the challenges and opportunities facing businesses as ‘they strive to protect their assets and secure their networks.
Technology is a double-edged sword
One of the things that emerges from the report is that technology is often a mixed blessing. Virtually anything that makes your life easier or more convenient can also be used against you by attackers or put you at increased risk in some way.
Artificial intelligence (AI) and machine learning (ML) are increasingly pervasive in technology. In the world of cybersecurity, these technologies are used to automate the detection and response to cyber threats, and help companies better protect their assets and networks. However, the report also notes that there are concerns about the potential for these technologies to be used for malicious purposes, and that there is a need for stronger oversight and regulation in this area. Recently, there has been growing concern about the potential for generative AI tools like ChatGPT to be used to develop malicious code and exploits.
The Armis report highlights that companies are increasingly facing threats from cyberattacks that specifically target critical infrastructure. This includes attacks on industrial control systems, medical devices, and other critical systems that are essential to the functioning of modern society. Such attacks do not directly target organizations (except the critical infrastructure provider), but any attack that disrupts the critical infrastructure that businesses rely on can have a tragic impact on those businesses. The report notes that these attacks are becoming increasingly sophisticated and are often carried out by advanced persistent threat (APT) groups that have the resources and capabilities to evade traditional security measures.
In the report’s foreword, Nadir Izrael, CTO and co-founder of Armis, notes that analysts predict that by 2025, threat actors will be able to weaponize OT (operational technology) environments. to injure or kill humans. He points out that this is part of a trend in cyber warfare to shift from reconnaissance and espionage to kinetic application with real-world consequences.
“These kinetic cyber weapons have been discovered in the wild before, although none have specifically been deployed with lethal effect. For example, the Triton malware discovered in 2017 targeted and disabled Safety Instrumented System controllers (SIS) of a Saudi petrochemical plant, which could have contributed to a plant-wide disaster if the problem had not been identified.And in February 2021, a hacker tried to poison the water supply facility in a small US town in the state of Florida via remote access.We have already seen ransomware attacks on the healthcare sector lead to human deaths, so the potential impact cyberattacks, whether intentional or not, is clear.
Are we ready for cyberwar?
The rapidly changing threat landscape has caught many organizations off guard. Businesses of all sizes and across industries struggle to understand the extent of the threat, and many lack the necessary cyber defenses.
Armis shared some of the report’s key findings in a press release. These findings highlight some of the key challenges we face as organizations struggle to adapt to the emerging reality.
- A third (33%) of global organizations do not take the threat of cyber warfare seriously, identifying themselves as indifferent or indifferent to the impact of cyber warfare on their organization as a whole, leaving room for security gaps.
- Nearly a quarter of global organizations (24%) feel ill-prepared to deal with cyber warfare. Even still, the lowest-ranked security element in the eyes of IT professionals is preventing nation-state attacks (22%).
- More than 3 in 5 IT and security professionals (64%) surveyed agree with the following statement: “The war in Ukraine has created a greater threat of cyber warfare”.
- More than half (54%) of professionals who are the sole IT security decision makers said they experienced more threat activity on their network between May 2022 and October 2022 compared to the previous six months.
- More than half (55%) of IT professionals surveyed agree with the statement, “My organization has blocked or halted digital transformation projects due to the threat of cyber warfare.” This percentage is even higher in some countries, including Australia (79%), the United States (67%), Singapore (63%), the United Kingdom (57%) and Denmark (56%).
- When asked about their organization’s policy on paying ransoms in the event of a ransomware attack, IT professionals around the world were divided in their responses. Twenty-four percent of respondents said their organization always pays, 31% said their organization only pays when customer data is at risk, 26% said the organization never pays, and 19% said indicated that it depended.
- Just over three-quarters (76%) of IT professionals surveyed agree that boards are changing their organization’s culture toward cybersecurity in response to the threat of cyber warfare.
- Nearly 4 in 5 (78%) IT professionals surveyed said that when thinking about recent and ongoing sudden global events (such as the pandemic, conflict in Ukraine, etc.), it is likely that their company invest more of their budget in cybersecurity, with almost 2 in 5 (37%) saying it’s very likely.
Defend against future cyber wars
The report highlights the importance of asset visibility in keeping enterprise networks secure. It’s important for businesses to have a clear understanding of the devices and systems that are connected to their networks, and to be able to detect and respond to threats in real time. Striving to be the “Google Maps” of the IT environment or attack surface, Armis is focused on helping customers get the visibility they need. They work with clients such as the City of Las Vegas, Takeda Pharmaceuticals and a growing number of government entities to help them meet these challenges.
I had the opportunity to speak with the two founders of Armis, Yevgeny Dibrov, CEO, and Nadir Izrael, CTO. On asset visibility, Dibrov explained, “Every client should ask themselves, ‘What are my assets? Where are my assets? »
He added: “The most fundamental question, whether it is a data center environment, a manufacturing environment, a hospital, critical infrastructure or a government facility, is simply to ask, “What do I have?
“I think cyber warfare in general has become kind of an honest thing that nation states do, as opposed to maybe a decade or two ago when it was all kind of silent and under cover – like these covert attacks that were never attributable. This change is huge in our global industry. This is huge for countries. In fact, from our perspective, it paints cyber warfare as the new terrorism,” Izrael summed up. “It’s the most cost-effective way to wage war on multiple levels and something we’re seeing more and more examples of as we move forward.”
Download the report for yourself for more details on Armis’ investigation and findings. In the future, it will be crucial for organizations to know the answers to these questions and to have this “Google map” of their environment to work with, because it is unlikely that we will be able to put the genie back in the bottle. The lines faded. The world has converged. Cyberwar is a reality that organizations must face.