Cyber Resilience – A Decade After The First Large-Scale Attack

By Dr Rita Parker

The fragility of cyber defences worldwide was exposed when malicious software (ransomware) created havoc around the globe in May this year, affecting businesses, individuals and critical infrastructure. The global reach was unprecedented. The first wave of cyberattacks hit 200,000 targets in at least 150 countries, according to a statement by the head of the European Union’s police agency Europol Director, Rob Wainwright. Malicious software or ransomware is a program that enters your computer either by clicking or downloading malicious files. It then holds your data as ransom. The global attack in May this year was attributed to a form of ransomware known as WannaCry that targets Microsoft’s widely used Windows operating system to locks up files on your computer, encrypts them so they cannot be accessed, and demands payment to regain access. But there is no guarantee that access will be granted after payment.

The question that needs to be asked is: have we developed our cyber resilience since the first deliberate large scale cyberattack a decade ago, in May 2007? At the time, it was a coordinated approach that had never been seen before. The massive cyberattack occurred following the Estonian Government’s decision to move a bronze statue that the Soviets had built in 1947 to commemorate their war dead after driving the Nazis out of the region at the end of World War II. But having rid the country of German occupation, the Russians then occupied Estonia. For many citizens, the statue was a symbol of an oppressive occupation. Sixty years later in April 2007, the now independent Estonian state decided to move the monument from the centre of the city to a military cemetery on Tallinn’s outskirts. For Estonia’s ethnic Russians, who make up a quarter of the nation’s population, it was an emotionally charged time and, following the statue’s removal, there were several days of civil unrest and violent confrontation resulting in hundreds of arrests, many injuries and, tragically, one death.

But the situation did not end there. What followed was unprecedented – for almost three weeks, a series of massive cyber operations targeted Estonia and disrupted and closed banks, government networks and emergency services, the media and police operations. It was as close to chaos as was imaginable. Estonian border guards had reported no incursions and the country’s airspace had not been violated. The attacker was invisible, yet the attacks were virtual, psychological and real. Never before had an entire country been targeted simultaneously on almost every digital front. It was a wakeup call, not just for the Estonian Government, but around the globe about the extent of cyber vulnerability and of the need to become resilient. Ten years later, in May 2017, there was a feeling of déjà vu as malicious software attacked targets around the globe.

Part of adopting a cyber resilience approach to business is to take anticipatory and preventive measures. One of the most basic preventative measures is to avoid clicking on links or opening attachments or emails from people you do not know or companies you do not do business with. To enhance cyber resilience, other basic steps are necessary, such as regularly backing-up your important files. Installing and using up-to-date antivirus solutions, and ensuring your software is up-to-date also helps. In addition to seeking expert advice, it is important to have your systems and procedures tested. Thought also needs to be given to building in redundancies in the event of a complete or partial shutdown of your computer system. These preventive measures to safeguard business operations contribute to building cyber resilience, and they are just as important for small businesses as well as large corporations. It is a mistake to think that as a small business you may not be a target for a cyberattack because this type of assumption can result in huge losses.

In Australia, we realise that our geographic sovereign border is vulnerable with 35,876 km of coastline, with an additional 23,859 km when taking into account island coastlines. Yet another border, the Internet and the World Wide Web, potentially makes the nation even more vulnerable to real threats and risks to our economic, trade and social wellbeing and security. Every person who owns or operates a computer linked to the outside world has a responsibility to ensure they have in place relevant strategies and processes to prevent or mitigate an attack and, importantly, strategies to ensure they are resilient in the event of an attack.

Dr Rita Parker is a member of the International Council of Security & Resilience Professionals, and Centre Manager of the Australian Centre for Armed Conflict and Society at the University of New South Wales, Canberra.  Rita is also a former Distinguished Fellow at the Center for Infrastructure Protection at George Mason University (GMU) Law School, Virginia, USA, and she was a Founding Board Member of the Australasian Security Professionals Registry.

Dr Parker provides advice to organisations seeking to increase their corporate and organisational resilience and crisis management ability. In additional to being a regular columnist for Security Solutions Magazine her work has been published in Australia, Germany US, Singapore and Malaysia. Her co-edited book, Global Insecurity, published by Palgrave McMillan will be available in 2017, includes aspects of her recent research about urgent global security policy issues. She can be contacted at ritap2020@gmail.com