What would a Cyber War look like?

Share on facebook
Share on google
Share on twitter
Share on linkedin
July 2, 2019

D-Day Plus 1

It’s Monday morning at 8 am, and you arrive early to work to get a fresh start on the week.  Upon arrival, your badge is not working, preventing you from getting access to your offices. You knock on the door and are greeted by a harried IT worker, who lets you in and urges you not to turn on your computer and wait for instructions.

This is a minor inconvenience, so you decide to work from home, which you normally do anyway, and stop by your local coffee shop on the way to your car.  Unfortunately, the coffee shop is accepting cash only, due to a problem with their Point Of Sale (POS) system. Not a problem, you’ll just save that money and make coffee at home.

You’re greeted to a large line of honking cars at the parking garage.  It appears that the electronic gate is not working and the garage can only accept cash as well.   Luckily, your bank’s ATM is down the street, so you head there to grab some cash, which seems like an increasingly good idea to have in your pocket today.

Unfortunately, the ATM is out of order and the bank has posted signs that they are not currently processing cash withdrawals for anyone but their corporate customers.  This is when you start to have a slight tinge of panic which subsides quickly. This is just one bank branch, and you currently have not put the pieces together that these things are all related.

We are all part of the battlefield

This scenario is not science fiction.  All of these things have happened and are currently happening every day in towns around the world.  The popular series Mr. Robot took this scenario to a frightening conclusion which is also completely plausible.  The reality is, the effects of a cyber war will not play out on some distant digital battlefield, but they will play out in the lives of consumers and have an impact on everyday life.  The most frightening of these scenarios include the necessity for having cash, lack of access to the myriad electronic services we have access to today, such as online bill pay, and inability for companies and utilities to deliver basic functions which could lead to the breakdown of societal norms.

In the best case, we will be seriously inconvenienced and companies will be financially strained, or put out of business, due to their inability to defend against cyber attacks.  The sad reality is that most businesses, large and small, are not even practicing the most basic cyber hygiene which would protect them from attacks that could be launched using point-and-click hacking tools.

The worst cyber war scenarios include a “Digital Pearl Harbor”, where people lose their lives due to a cyber attack.  The more likely and mundane truth is that we’ll slowly start to lose the conveniences that we have today. Remember airports before 9/11?  If companies do not start to commit time and resources to a robust cybersecurity program, we will be reminiscing about times when we could freely get online without providing ample proof of who we are to gain access.

Proactive Defense

To avoid this scenario, there are plenty of things that companies and individuals can do today to make themselves more resilient to attack.  For instance:

  • Understand your attack surface: Ensure you have an accurate inventory of your instances and assets, and use the security tools that cloud providers offer to do sanity checks within your environment (such as Amazon GuardDuty, Google Security Command Center or Azure Security Center).  
  • Implement a robust vulnerability management program: Attackers are constantly leveraging known vulnerabilities to gain access to your environment.  Having a proactive approach to patching and vulnerability management is a simple way to reduce the risk of a successful attack.  
  • Ensure proper access control: Too often, attackers are abusing privileged accounts, especially those that have been implemented long ago and forgotten about.  Do an access audit at least quarterly, ensure named privileged accounts, ensure strong 2FA for all and use Single Sign-On (SSO) everywhere.

Committing to a robust cybersecurity program is not only good for keeping your organization functional, it has greater implications for national security. CDG has a proven record of helping our clients proactively defend against advanced threats. Contact us today for more information.

lou@cdg.io

lou@cdg.io

Incident Response

If you have been the victim of a cyber attack, contact us right now.

  • Determining the extent of a breach
  • Performing a full-scope response from Identification to Recovery
  • Incident Response retainer services, including IR preparation for your team