The Changing Scene of Cyberwarfare in 2019
During the Cold War, the sense of paranoia between the West and the East turned to a nuclear arms race of unprecedented proportions, something which forever changed the face of war.
Today the world is facing an ever-increasing presence of electronics and internet connections, linking countries and businesses in the global network in a far more personal way. In some ways, this is the exact opposite of what was observed during the Cold War, but the end result is the same nonetheless – a growing arms race in the fields of cyber defense and attack capability between countries, small groups of threat actors and businesses across the world.
Due to the fluid nature of business and politics, some countries have become bigger targets than others. As is the case with any sort of defense, not spending enough on proper security measures and training has serious consequences in the real world and on the internet.
For the last three years, global malware attacks have been on the increase, with likely more to come. Although there was a small decrease back in 2016, the volume has grown by a third by that time.
Which countries face the most attacks by malware?
Back in 2018, the United States saw almost 5.1 billion malware attacks alone, almost half of the world's entire number of known attacks. They were followed by China with 601 million, the United Kingdom with 584 million and Canada with 423 million. India faced 412 million malware attacks over the course of the year.
Ransomware attacks the rise in the US, decreasing in volume in the UK and India
Much like malware, ransomware volume also jumped in the number of attacks in 2018 with an 11% increase over the attacks that happened in 2017. The number of attacks managed to reach over 206 million, with the infamous WannaCry, Cerber and Nemucod threats at the top.
So far in 2018, the most targeted country in the world was the United States again, with about 90 million ransomware attacks so far, followed by Canada with 24 million and Germany (9.9 million) and Brazil (8.6 million). India and the UK saw a decrease in attacks during 2018 instead.
Victims who made the choice to pay the ransom found out the decryption key would cost them $6700 at the end of 2018, according to BankInfoSecurity. In many cases, the link between financial losses and ransomware is feared, as this may impact the brand of a company, as well as its reputation and business relationships.
As a cryptocurrency, Bitcoin dropped in value in 2018, but it was still the preferred method of payment for cybercriminals. With the price dropping, however, some cybercriminals moved on to asking for a specific sum instead of a Bitcoin ransom.
The stakes are rising for cyber warfare in 2019
Before the information age and the prevalence of the Internet into nearly every aspect of life, geopolitical tensions were driven by traditional espionage and warfare. Today, the digitalization of the world we live in not only made it so politically and commercially sensitive information is housed within the network, but it also gives the possibility for intrusions into critical civil and military infrastructure and control systems. Such cases were observed with malware attacks against nuclear powerplants in the last few years, just like similar ones against civil transportation in South Korea. It is thus no surprise that nations and businesses around the world are putting cybersecurity as a priority today.
Cyber-attacks have been launched by threat actors of both government origins and small groups with no or lose affiliation to nations. Examples of those can be seen in Stuxnet, which was allegedly used by the United States and Israel to damage Iran's nuclear weapons program. DDoS attacks were used against Estonia, attacks were made against control systems of power grids in Ukraine. Global attacks with the WannaCry ransomware, intellectual property thefts, social engineering techniques used for phishing of sensitive data, the list keeps going and going.
Nation-state activities have been prominent in some of the previous roundups in predictions for 2016, 2017 and 2018, and given the way things are developing, more appear to be expected in 2019.
According to the Nuvias Group, an increase in sabotage, espionage and crime performed by rogue nation-states is likely to occur during 2019. With the ongoing failure to prepare for such attacks on national, international or even UN levels, nation-state sponsored actions are likely to continue. With most modern organizations simply not possessing the structure and security to defend against such attacks, cybersecurity teams need to step up their game, relying on better breach detection techniques.