Global tensions increase cyber threat

Geopolitical risks used to be something that only companies with a global presence had to worry about. But in cyberspace, any connected modern business is vulnerable.

It is no longer enough for companies to sever ties with unsettled regions, cut loose risky subsidiaries or hedge their global exposures to manage their way through shifting international tensions.

The past two years - marked by the escalation of state-on-state disputes and conflicts - have shown that the effects of cyber warfare or aggression can be experienced by almost any business.

Companies can be victims of state-sponsored attacks for strategic reasons unconnected with their immediate business, from filmmakers such as Sony Pictures - allegedly hit by North Korean hackers last year - to Spanish renewable energy companies, targeted by Russia-linked hackers.

The nature and motivation for attacks is varied: from classic state surveillance to economic espionage, criminal gain, embarrassment or destruction.

"Whenever we have discovered a new domain in the history of mankind, we have had conflict over it," says Dave DeWalt, chief executive of FireEye, one of the world's biggest cyber security companies.

He believes such conflict in cyber space is already upon us: "We are seeing more and more complex attacks - highly sophisticated operations. On average, we are seeing attackers inside their target's networks for about 200 days before they are discovered."

Many western security officials fear that, as conflicts heat up around the world, cyber will become the front line for more overt, aggressive attacks.

With many of the world's disputes deadlocked - the stand-offs between Iran and Saudi Arabia, North Korea and South Korea, Japan and China, or Russia and Europe - cyber is likely to supplant the physical world as the main theatre of conflict.

"There is a correlation between cyber attacks with the rise of geopolitical tension," says Christophe Birkeland, chief technology officer of malware analysis at Blue Coat, a cyber security company. Cyber attacks are following the pattern of other kinds of advanced arms proliferation, he believes.

"Once the new weaponry is used successfully, all the ambitious would-be up-and-comers . . . follow suit," he says.

According to PwC, the professional services company, the number of cyber security incidents reported in 2014 by large businesses increased globally by 48 per cent to 42.8m - the largest jump in attacks since 2010. Of almost 10,000 organisations and individuals polled by PwC worldwide, nearly one in 10 reported breaches costing their business a total of more than $10m annually.

The nature of cyber threats differs by region. The focus of Chinese hacking is intellectual property theft, while Russian activity is driven by espionage, vandalism and criminality. For the US or Britain, activities have centred on surveillance and the hacking of telecommunications.

Many believe that tensions in the Middle East are the likeliest to lead to a flashpoint in the digital domain in the near future. "The number of cyber attacks from Iran directed against Saudi Arabia and the US is growing," says Stuart Poole-Robb, head of the KCS corporate intelligence and security group.

He points to the virus that infected Saudi state oil company Aramco's IT system in 2012, erasing data on three-quarters of PCs, replacing emails, spreadsheets and documents with an image of the US flag in flames.

"Hackers . . . claiming to be upset about Saudi policies in the Middle East were traced to Iran by US intelligence," says Mr Poole-Robb.

With the prospect of a nuclear detente between Iran and the west, growing Israeli concern about Tehran's ambitions, and a fully fledged proxy war between Saudi Arabia and Iran in Yemen developing, many see the first fully destructive cyber attacks - including, possibly, the first to cause harm to humans - as likely to emerge in the region.

Against such a backdrop, the main issue is one of enforcement and deterrence. Some companies are even talking about the possibility of having retaliatory capabilities.

"I see a lot of talk about that and a desire to do it," says Mr DeWalt. "But when it comes to it, it's like going into a fight with a peashooter."

Ultimately, Mr DeWalt says, the best weapon for large businesses in cyberspace could be "the embarrassment variable" - naming and shaming attackers, particularly states. It might not seem a powerful tool in a world of international cyber aggression, bullying and war, but it might be the best option available.

© The Financial Times Limited 2015. All rights reserved.
FT and Financial Times are trademarks of the Financial Times Ltd.
Not to be redistributed, copied or modified in any way.
Euro2day.gr is solely responsible for providing this translation and the Financial Times Limited does not accept any liability for the accuracy or quality of the translation