Governments are a major target of cyber-attacks, which increases during times of conflict. The primary goals of cyber-attacks focused on government and governmental organizations are gathering information, disrupting critical infrastructure, and eroding public trust.

Collecting and Compromising Data: Governments have massive amounts of information on citizens, businesses, academia, and intellectual property that are lucrative targets, especially with the United States’ posture toward Freedom of Information and transparency in government. Even more sensitive is information on military or otherwise classified activities. These could be as simple as communications between embassies on upcoming events or as sensitive as transferring weapons to the Ukrainian military. Regardless, it is a rich target for anti-government militia, international terrorists, industrial espionage, nation-state spies, and any other flavor of cybercriminals. Suppose cybercriminals can steal that non-public data from governments. In that case, they can sell that data, hold it as blackmail, or release it to cause damage to an administration, business, or group of citizens. While not having his data collected through cyber attacks, Alexander Hamilton was a known victim of blackmail. Many victims of blackmail won’t come forward as he did, but with the amount of information that can be accessed on the internet, it can be assumed that the number of blackmail cases has increased.  

Taking Down a Nation: Critical infrastructure includes the vast network of highways, connecting bridges and tunnels, railways, utilities, communications, and buildings necessary to maintain normalcy in daily life. Transportation, commerce, clean water, and electricity rely on these vital systems[1]. These sectors are typically controlled by a government organization or a regulated company that works with the government to provide the service. The energy sector is one of the main targets of cyber-attacks against critical infrastructure, but it is not the only one. Transport, public sector services, telecommunications, and critical manufacturing industries are also vulnerable. The goal of cyberattacks on these sectors is to disrupt economies, destroy critical infrastructure, and disable public services. Our CEO, Kris Schroeder, discussed the goals of Cyber Attacks in a recent ABC News segment. Governments need to decide how to deal with the cybersecurity risks associated with both the physical and cyber systems and assets that control all sectors. Since the incapacity or destruction of one of these sectors would have a debilitating impact on physical or economic security or public health or safety, governments cannot avoid this risk. So they must try to mitigate the likelihood of an attack or transfer the responsibility of an attack to a third party.

Eroding Public Trust: Suppose citizens feel that their government can’t protect them from attack, their faith in their government would decrease. Cyber attacks will only grow in their severity and impact, which will result in increased tensions between governments and citizens. Governments are meant to act as digital stewards and showcase how to react to a cyber attack. However, cyber attacks have caused increased tension between governments, especially the superpowers, so there has been a lack of digital stewardship. The World Economic Forum’s (WEF) annual Global Risks Report highlights the erosion of public trust around governments’ ability to prevent, counter, and retaliate against cyber attacks. WEF specifically calls out that “without mitigation, governments will continue to retaliate against perpetrators (actual or perceived), leading to open cyberwarfare, further disruption for societies, and loss of trust in governments’ ability to act as digital stewards.”

Cyber attacks against a government or nation rarely take a single form. This was especially clear in the Colonial Pipeline cyber attack, which took out a critical infrastructure pipeline. The lack of communication and misinformation eroded public sentiment and trust, causing panic buying of fuel. Grey Market Lab’s Chief Engineer, Fred Kenowski, experienced this impact directly, “working remotely, I don’t depend on driving daily to do my job. However, living in a rural area, many folks depend on a steady fuel supply from a limited number of gas stations for their lengthy commutes, trips to the store, or to keep all their farm equipment running. Shortly after the pipeline shut down, there were long lines at the gas stations filled with folks running on empty or panic buying and stocking up. Later the following day, all the pumps in the county were closed because they were out of gas. It wasn’t initially clear when the pumps would turn on again, and it created a lot of concern with many I spoke to questioning if they would be able to work soon if service wasn’t restored quickly.”

Without clear communication from the government and an immediate solution in sight, there was a lot of panic buying that drained the Just-In-Time supply chain of fuel quicker than was necessary. Prevention is the best medicine, but strong plans must be in place to mitigate the inevitable cyber attack that breaks through and the likely human response it will trigger. The White House released a Best Practices Fact Sheet following the Colonial Pipeline cyber attack focusing on establishing an interagency response group to monitor and address the cyber attack. The US Government Accountability Office created an outline to put the United States in a better position to prevent or more quickly detect and mitigate the damage of future cyberattacks by highlighting the need to develop and execute a more comprehensive federal strategy, mitigate global supply chain risks, and enhance the federal response to cyber incidents[2]. Government should continue to embrace concepts to fundamentally change the landscape and render some of these attacks irrelevant: zero trust architectures, specifically those with isolation, limit the scope of any attack and advanced approaches like moving target defense (i.e. rotation of computer settings on a regular basis) make hacking attempts fail because criminals are always seeing different settings and don’t have a fixed thing to attack.

 

***The next article in The New Battlefront 101 series will  discuss how misinformation affects public perspective.

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.