Category

Cyber Warfare

Jul 08
2

The New Battlefront: Cyber Attacks on Institutions

By | Cyber Warfare | No Comments

Cyber Attacks on Institutions

The shift to work from home dramatically increased the places hackers could attack companies, with home networks and personal computers being used for daily tasks.  This resulted in a dramatic growth in cyber attacks on institutions and cybercrime has increased by 600% since the start of the pandemic. While cyber attacks, in general, have been growing, the ability of cybercriminals to access less secure personal access points and, from there, gather information on institutions has exploded. When a cyber attack targets an institution, it is when it happens, not if it happens, because every organization will be affected by a cyber attack at some point in its lifecycle. On average, a malware attack costs a company over $2.5 million (including the time needed to resolve the attack[1]). Large businesses experience, on average, 130 security breaches per year per organization, so the likelihood of an attack happening is almost guaranteed[2].

In many organizations, the responsibility of cybersecurity lies with the technical staff, including the chief information officer (CIO) and chief information security officer (CISO). These people are responsible for fortifying the company’s defenses and responding to cyber attacks. When responding to a cyber attack, the IT team must determine how large a breach was and what areas were affected. Chief Engineer, Nyla Khali, supported a client in investigating a potential breach that unfortunately lasted weeks because there was a lack of forensic information. She states, “it is paramount that systems employ a defense-in-depth strategy along with fine-tuned detection and monitoring.” This means having logs of what happened, hopefully down to the user and/or computer level. The CIO and CISO must clearly define what information ins needed for reporting and regulatory compliance. While implementing these strategies, organizations must reconcile the privacy and legal implications of collected data. Per a US-CERT publication on Computer Forensics, in the U.S., there are two primary areas of legal governance affecting cyber security actions related to the collection of network data: (1) authority to monitor and collect the data and (2) the admissibility of the collection methods[3]. In a cyber attack, good strategies will allow the IT team to thwart and investigate an attack quickly. Following this vital information, the IT team in collaboration with executives or board members publicly report on the breach and confidently handle disclosure and legal requirements.

Beyond the direct impact that cyber attacks have on an organization, they also threaten the reputation and value of the organization. Suppose that organization has private or confidential information they need to keep protected and is the target of a cyber attack. In that case, their customers may be less likely to trust the company and stop using their products or services. Additionally, the company’s valuation could be directly impacted if that company or organization is currently undergoing an IPO, merger, or acquisition. A study by Comparitech examined the share prices of 34 companies listed on the New York Stock Exchange that had experienced major data breaches and found that companies that have experienced a breach underperform the market by more than 15% three years later. Immediately following the breach, share prices for the 34 companies fell by -3.5% on average and underperformed the NASDAQ by -3.5%[4].

Some simple ways to protect your organization are to train your employees, use antivirus software, secure your networks, use strong passwords, and especially use multifactor authentication[5]. During a Cyber Defense roundtable discussion sponsored by CSIS/DOJ, a panel of experts recommended that “against particularly sophisticated or advanced threat actors, however, they suggested using cyber intelligence gathering as an additional component of a defensive program.” Moving forward and beyond the basics – companies need to start implementing new architectures that eliminate the cyber threats of today and make many of these basic threats disappear. Since employees and emails are the leading cause of data breaches, especially in small businesses, because they are a direct path into the company’s systems, if we can eliminate the threat of malicious attachments without having to change the behavior of users, companies can drastically reduce their chances of major or impactful breaches.

 

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.

Jun 10
2

The New Battlefront 101: Propaganda

By | Cyber Warfare | No Comments

Information Warfare

Propaganda

While misinformation and disinformation focus on the spread of false or inaccurate information, propaganda focuses on the spread of an idea or narrative intended to influence, similar to psychological or influence operations[1]. When people think of propaganda, they typically think of elections and people creating content about a candidate that is meant to harm or help that candidate. Another form of propaganda is getting people to access information that they aren’t supposed to have. In countries like China or Russia that have controlled media, pushing information that is considered “censored” information by the government is a form of propaganda. This information could be news sources or simply information platforms.

Russia just announced that it would block Instagram, expanding its social media crackdown that had already cut off access to Facebook and restricted Twitter[2]. Creating a way to allow Russians to access Instagram and other blocked social media and news sites will enable them to gain access to information that the government doesn’t censor. This ability to access censored information is propaganda in a non-traditional sense because it is meant to influence the viewer.

Every day, we are bombarded with propaganda – from political messaging to advertising campaigns, and there is no escaping it. We can combat the negative impacts of propaganda by increasing our awareness of the information around us and self-awareness about how we respond to it. Disinformation Nation (https://disinformation-nation.org/combat-propaganda) describes three effective strategies for combating propaganda centered around awareness and self-awareness. In brief, these strategies are

  • When you feel yourself emotionally react to content (e.g., outrage, fear, vindication, etc.), pause. Check the facts. Consider whether the content is worth sharing before sharing it.
  • Be aware (and as much as possible in control) of how you are tracked online. All the major content platforms recommend content they believe you will click on based on your past behavior. When you curate what information they have about you, you can limit the amount of propaganda you are exposed to.
    • User privacy valuing browsers (e.g., Brave and Firefox) and search engines (e.g., DuckDuckGo) to minimize your digital footprint.
  • Expand the diversity of viewpoints that you expose yourself to. This allows you to see when the content that you agree with is trying to exploit your beliefs. All content is biased, so seeing the other biases on a topic will enable you to form well-rounded, intellectually robust opinions instead of simply adopting the opinions of others.

 

***The next article in The New Battlefront 101 series will discuss how cyber attacks on institutions effect people beyond just the company or organization.

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.

May 27
2

The New Battlefront 101: Cyber Attacks on Individuals

By | Cyber Warfare | No Comments

Cyber Attacks on Individuals

Individuals can be dramatically affected by cyber attacks and the resulting effect on their identity can be detrimental. Through cell phones and tablets, cybercriminals find it easier to access personal information. This information is collected, used, sold, or released depending on the information gathered. Celebrities and politicians are top targets for directed cyber attacks, but everyday people are also targeted. Most people have heard of celebrities’ nudes being released or politicians’ private affairs being published to discredit or embarrass them. However, everyday information is gathered from unsuspecting individuals, including bank account information, passwords, or additional personal information. Cyber attacks can occur in many ways, including[1]:

  • Access your personal computers, mobile phones, gaming systems, and other internet- and Bluetooth-connected devices.
  • Damaging your financial security, including identity theft.
  • Blocking your access or deleting your personal information and accounts.
  • Complicating your employment or business services.
  • Impacting transportation and the power grid.

When a cyberattack happens, the cybercriminal could take out loans, incur credit, accumulate debt and then flee without a trace. Leaving the individual to rehabilitate their identity through years of work while dealing with bad credit and financial instability. While companies can insure themselves against cyber attacks, individuals are more open to direct impacts. To limit the risks of a cyber attack, individuals should[2]:

  • Implement multi-factor authentication on your accounts and make it 99% less likely you’ll get hacked.
  • Update your software. Turn on automatic updates.
  • Think before you click. More than 90% of successful cyber-attacks start with a phishing email.
  • Use strong passwords, and ideally, a password manager to generate and store unique passwords.

Grey Market Labs Engineer, Emily Kresho, advises that “the keys to avoiding a cyber attack are prevention and education. Individuals should take advantage of antivirus software, virtual private networks (VPNs), a device’s built-in privacy settings, and other prevention methods. It is also important to research common and current cyber attack methods so they are easier to identify. An article might point out a popular technique used by attackers, and the next day you might notice that technique in a suspicious email.” Vigilance is the form of defense against cyber attacks. Keeping an eye on your accounts to catch any unknown or suspicious activity can stop cyber attacks before they get full access to your information.

 

***The next article in The New Battlefront 101 series will discuss how propaganda is used in information warfare to shape opinions.

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.

Apr 29
2

The New Battlefront 101: Misinformation

By | Cyber Warfare | No Comments

Information Warfare

Misinformation

Misinformation is false or inaccurate information and is often spread widely to others, regardless of an intent to deceive. Misinformation itself isn’t a targeted battleground but instead turns into one when information is spread before ensuring it is correct.

The best way to combat misinformation is to research what the information is trying to say. Look into who is behind this information, what is the evidence behind it, and what do other sources say. If the information is an image or meme, doing a reverse image search on Google can verify that image. Another thing to look at is where the information is coming from. If the new sources are biased or neutral, that would completely change the information you are reading. People can check the bias on different media sites with Ad Fontes’ Media Bias Chart.

The monetization model of internet media today incentivizes engagement over the accuracy of information. Most people who spread misinformation on the internet are not doing so willingly; they simply share information they find interesting. Unfortunately, those who want to spread disinformation intentionally can take advantage of these incentives to leverage others as unwitting participants in their distribution of false information and obscure the original source in the process. Many of these false stories pose as plausible but sensational stories. Because it is common for information to be reposted many times without attribution, you may need to dig deeper than the immediate author to learn more about its origins. Grey Market Labs Chief Engineer, Justin Schmitt, recommends, “to search for portions of the article in a search engine; are parts of the article corroborated or copied from other sources? Are these sources reputable, biased, or are they content farms?”

Justin also suggests “to watch for any signs of deep-fake or AI-generated imagery currently in use. Familiarize yourself with common AI imagery capabilities so that you can spot them when you find them in use. For example, ThisPersonDoesNotExist.com demonstrates some AI imagery techniques that some may use when attempting to fake profile pictures. Refresh the page a few times, and you will notice that these AI images, while realistic, often have distinctive patterns which can be used to identify them.”

While misinformation can be intentional or not, its impact on the public’s opinion is extreme. In that sense, this is the more effective and efficient form of cyber warfare because the ability for information to reach many different audiences is unbeatable. All someone needs is a simple share from one other person, then that information goes beyond the initial network and reaches a tenfold audience.

 

***The next article in The New Battlefront 101 series will discuss how cyber attacks on institutions affects everyday life.

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.

Apr 22
2

The New Battlefront 101: Cyber Attacks on Governments

By | Cyber Warfare, Data Protection, Risk and Liability | No Comments

Governments are a major target of cyber-attacks, which increases during times of conflict. The primary goals of cyber-attacks focused on government and governmental organizations are gathering information, disrupting critical infrastructure, and eroding public trust.

Collecting and Compromising Data: Governments have massive amounts of information on citizens, businesses, academia, and intellectual property that are lucrative targets, especially with the United States’ posture toward Freedom of Information and transparency in government. Even more sensitive is information on military or otherwise classified activities. These could be as simple as communications between embassies on upcoming events or as sensitive as transferring weapons to the Ukrainian military. Regardless, it is a rich target for anti-government militia, international terrorists, industrial espionage, nation-state spies, and any other flavor of cybercriminals. Suppose cybercriminals can steal that non-public data from governments. In that case, they can sell that data, hold it as blackmail, or release it to cause damage to an administration, business, or group of citizens. While not having his data collected through cyber attacks, Alexander Hamilton was a known victim of blackmail. Many victims of blackmail won’t come forward as he did, but with the amount of information that can be accessed on the internet, it can be assumed that the number of blackmail cases has increased.  

Taking Down a Nation: Critical infrastructure includes the vast network of highways, connecting bridges and tunnels, railways, utilities, communications, and buildings necessary to maintain normalcy in daily life. Transportation, commerce, clean water, and electricity rely on these vital systems[1]. These sectors are typically controlled by a government organization or a regulated company that works with the government to provide the service. The energy sector is one of the main targets of cyber-attacks against critical infrastructure, but it is not the only one. Transport, public sector services, telecommunications, and critical manufacturing industries are also vulnerable. The goal of cyberattacks on these sectors is to disrupt economies, destroy critical infrastructure, and disable public services. Our CEO, Kris Schroeder, discussed the goals of Cyber Attacks in a recent ABC News segment. Governments need to decide how to deal with the cybersecurity risks associated with both the physical and cyber systems and assets that control all sectors. Since the incapacity or destruction of one of these sectors would have a debilitating impact on physical or economic security or public health or safety, governments cannot avoid this risk. So they must try to mitigate the likelihood of an attack or transfer the responsibility of an attack to a third party.

Eroding Public Trust: Suppose citizens feel that their government can’t protect them from attack, their faith in their government would decrease. Cyber attacks will only grow in their severity and impact, which will result in increased tensions between governments and citizens. Governments are meant to act as digital stewards and showcase how to react to a cyber attack. However, cyber attacks have caused increased tension between governments, especially the superpowers, so there has been a lack of digital stewardship. The World Economic Forum’s (WEF) annual Global Risks Report highlights the erosion of public trust around governments’ ability to prevent, counter, and retaliate against cyber attacks. WEF specifically calls out that “without mitigation, governments will continue to retaliate against perpetrators (actual or perceived), leading to open cyberwarfare, further disruption for societies, and loss of trust in governments’ ability to act as digital stewards.”

Cyber attacks against a government or nation rarely take a single form. This was especially clear in the Colonial Pipeline cyber attack, which took out a critical infrastructure pipeline. The lack of communication and misinformation eroded public sentiment and trust, causing panic buying of fuel. Grey Market Lab’s Chief Engineer, Fred Kenowski, experienced this impact directly, “working remotely, I don’t depend on driving daily to do my job. However, living in a rural area, many folks depend on a steady fuel supply from a limited number of gas stations for their lengthy commutes, trips to the store, or to keep all their farm equipment running. Shortly after the pipeline shut down, there were long lines at the gas stations filled with folks running on empty or panic buying and stocking up. Later the following day, all the pumps in the county were closed because they were out of gas. It wasn’t initially clear when the pumps would turn on again, and it created a lot of concern with many I spoke to questioning if they would be able to work soon if service wasn’t restored quickly.”

Without clear communication from the government and an immediate solution in sight, there was a lot of panic buying that drained the Just-In-Time supply chain of fuel quicker than was necessary. Prevention is the best medicine, but strong plans must be in place to mitigate the inevitable cyber attack that breaks through and the likely human response it will trigger. The White House released a Best Practices Fact Sheet following the Colonial Pipeline cyber attack focusing on establishing an interagency response group to monitor and address the cyber attack. The US Government Accountability Office created an outline to put the United States in a better position to prevent or more quickly detect and mitigate the damage of future cyberattacks by highlighting the need to develop and execute a more comprehensive federal strategy, mitigate global supply chain risks, and enhance the federal response to cyber incidents[2]. Government should continue to embrace concepts to fundamentally change the landscape and render some of these attacks irrelevant: zero trust architectures, specifically those with isolation, limit the scope of any attack and advanced approaches like moving target defense (i.e. rotation of computer settings on a regular basis) make hacking attempts fail because criminals are always seeing different settings and don’t have a fixed thing to attack.

 

***The next article in The New Battlefront 101 series will  discuss how misinformation affects public perspective.

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.

Apr 05
2

The New Battlefront 101: Introduction

By | Cyber Warfare, Risk and Liability | No Comments

Battles and wars were previously fought head-on, on a physical battlefield, but now we are seeing a transition in how and where battles are fought. These battles are now fought in the digital and physical worlds. This way of fighting will become the new normal, especially when developed countries are at the forefront. In this article, we will cover what cyber attacks are, how they happen, and what you can do to protect information.  We will also cover information warfare and how information can be used to change public perspective.

More cyber attacks are being announced and everyday sensitive, proprietary, and vulnerable information is at risk. Recently, Microsoft had partial source code pertaining to Bing and Cortana stolen as part of a cyber attack. The White House also just warned about possible plans by the Russian government to target critical American infrastructure and released a best practices fact sheet for institutions and individuals to refer to in order to protect themselves.

Cyber attacks aren’t the only type of digital warfare that people need to be concerned about. Information warfare has profoundly and permanently changed how wars are fought. People are using the internet during almost every waking moment of their lives. Every time they actively access the internet (to check the weather, access Instagram, transfer money, etc.), they are being bombarded by information. Additionally, people are having their information collected whenever they access the internet, including passively by their installed apps collecting data from phones at all times. That information is then distributed to data actors who sell or act on the collected personal information.

Cyber Attacks

Anyone can be a victim of cyber attacks, and they are common as ever now. Personal information, account information, and anything posted online is at risk for a cyber attack. These cyber attacks aim to disable, disrupt, destroy, or control computer systems or to alter, block, delete, manipulate or steal the data held within systems and accounts. Every major company or government in the world has had some sort of cyber attack. Those attacks can result in breaches of information or systems being shut down. Below are some of the most common types[2]:

  • Malwareis malicious software, including spyware, ransomware, viruses, and worms. Malware breaches a network through a vulnerability, typically when a user clicks a dangerous link or email attachment that then installs risky software.
  • Phishingis a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message and providing personal or sensitive information.
  • Man-in-the-middle(MitM) attacks, also known as eavesdropping attacks, occur when attackers insert themselves into a two-party transaction.  The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers.
  • denial-of-serviceattack floods systems, servers, or networks with traffic to exhaust resources and bandwidth. As a result, the system is unable to fulfill legitimate requests.
  • Structured Query Language (SQL)injection occurs when an attacker inserts malicious code into a database that uses SQL and forces the server to reveal information it usually would not.
  • zero-day exploitis an unknown exploit that exposes a vulnerability in software or hardware and can create complicated problems well before anyone realizes something is wrong.
  • DNS tunnelingis a method of cyber attack that encodes the data of other programs or protocols in DNS queries and responses. DNS tunneling often includes data payloads that can be added to an attacked DNS server and used to control a remote server and applications.

Since cyber attacks are inevitable, people, institutions, and governments must decide how they want to respond to these attacks’ risks. The different risk mitigation strategies for cyber threats are Mitigate, Avoid, Transfer, Accept, and Escalate a Risk. To mitigate risk is to do something to reduce the impact or the probability of a threat. Organizations can avoid risk by choosing different products, adding additional security to their information, can hire additional resources, adopting different technical solutions, or changing project scope. Transferring risk puts the risk on another party, typically by outsourcing that operation to another organization. So, the new organization is responsible for the risks. When organizations decide to accept the risk, they decide that risk is an acceptable risk and will not take any actions to mitigate the risk.

Cyber attacks can threaten someone’s way of life. Still, the risks and chance of attacks decrease dramatically through proper education and preparation. The government, private companies, and nonprofits all share ways to protect yourself, such as Cybersecurity & Infrastructure Security Agency, FireEye, and “No More Ransom”.

Information Warfare

Information has been the maker and breaker of wars, as generals relied heavily on information gathering about opposing forces when making their battle plans. George Washington credits his spies and information gathering as a key reason for defeating the British. It’s no different today on the cyber battlefield. The advent of the internet in the mid-1980s has restructured the landscape of information sharing, availability, gathering, and dissemination. However, just because all this information is out there doesn’t mean that this information is good. The saying that “a lie can travel around the world and back again while the truth is lacing up its boots” was true when Mark Twain said it and still is today.

Misinformation (Fake news, fabricated images, and clickbait articles) are spread faster and further than researched-backed information. Facebook has been fighting a losing battle with falsified information, and everyone has seen that information on their feed. For example, 49% of adults in the United States shared information online, which they later found was made up[1]. People often don’t even know that they shared information was incorrect until after the fact. Still, by the time they realize the information has already been circulated to their connections. However, in the same survey, 10% of those adults admitted to sharing information online that they knew was false which introduces a new problem of disinformation – the practice of knowingly spreading false information.

False information creates worlds of problems, but just the ability to access information and the promotion of information is another tactic used in information operations or information warfare (aka IW). GAO.gov defines Information Warfare as the use of information-related capabilities during military operations to influence, disrupt, corrupt, or usurp the decision making of adversaries and potential adversaries while protecting our own. Propaganda is one example and has been used for centuries to spread information to different groups that may not have access to that information. While propaganda itself has a bad connotation, it can be beneficial and involves many different ways of sharing information. Propaganda can be written, musical, or visual and plays upon and channels complex human emotions towards a desired goal. The Uncle Sam poster is the symbol of American patriotism starting in World War I and We can do it! poster became a symbol for female workers’ morale in World War II.

Misinformation, disinformation, and propaganda all have their place on the cyber battlefield. They all rely on the spreading of information to influence public opinions and alter outcomes of diplomacy, negotiations, and all out conflict.

 

***The next article in The New Battlefront 101 series will  discuss how cyber attacks on governments effect everyone.

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.

Mar 08
1

Ukraine is at war, and so are you

By | Cyber Warfare, Information Security | No Comments

The full-scale invasion of Ukraine was beyond most expectations. Many of us watching the developments felt that Russia would take the easy gains of the eastern separatist region of Ukraine and slowly eat away at the rest of a sovereign nation over the coming years. The brutal and relentless approach Russia is taking instead shows the broad and global power grab taking place.

The Ukraine military is and will continue to put forth a strong fight against an opponent with overwhelming resources. Cyber-attacks including distributed Denial of Service (DDoS) that hit the Ukrainian defense and banking sectors will be launched as often as actual bombs in this war. The lack of widespread reporting of cyber attacks does not mean they aren’t happening. Much like a cancer, cyber is mostly invisible and once the attack is public or the effects seen, it is too late.

Unlike a cancer, this war and associate damage will not stay within the borders of Ukraine. On the digital battlefield, the intensive attacks and methods Russia and Russian-sponsored hacker groups (like Sandworm) use to weaken Ukraine are indiscriminate. These sophisticated attacks automatically and autonomously search out and infect other systems that can be compromised. Once these “worms” are launched, no human has control over where and when these virus’ attack or how far they will reach. Two public and destructive instances have already been used by Russia.

First, in conjunction with the start of the Ukraine invasion, satellite internet provider Viasat (a U.S. company) had a large outage of its service due to a cyber attack. This affected Ukraine but also tens of thousands of subscribers across EU and NATO countries. More importantly, 5300 wind turbines were knocked offline in Germany and Central Europe. Clearly attributed to Russia, these are examples of the widespread collateral damage of modern cyber warfare.

Second, last Wednesday the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that an older threat called “Cyclops Blink” was reactivated and may be able to access more networking devices that originally thought when it was discovered in 2019. Russian-backed hacking groups used similar approaches to deploy malware like WannaCry and NotPetya, which each inflicted worldwide damage costing billions of dollars.

So now, if we consider that these cyber attacks have been as destructive as bombs or guns, Central and Western Europe and a U.S. company have already been attacked and every internet connected country is vulnerable to the cyber battle in Ukraine. Vladimir Putin has declared that a “no-fly zone” or direct military support to Ukraine would be considered an act of war. What do we call a cyber attack that takes out major electricity providers in Germany? Does that not equate to an already launched act of war? The US and our allies need to revisit the rules of what is considered an “act of war” and increase the accountability of any nation that threatens national sovereignty in any domain: land, sea, air, space, and cyberspace. Bring together a coalition to rewrite the rules of engagement for cyber, bring the commercial community (with their experts and skilled Threat Centers) to the table as partners in this effort and as fellow combatants in this war.

Today, we need to continue the pressure and increase support to defeat the Ukraine invasion on both the physical and cyber battlefield. A fallen Ukraine changes the physical security of Europe. Even worse, a fallen Ukraine tells Russia, and others, that there is no consequence for cyber damage, collateral or otherwise. If that is the case, NATO nations should prepare themselves to be the next targets.

___________________________________________________________________________________

Grey Market Labs® is a Certified B-Corp founded with the mission to protect life online. Our Replica™ platform orchestrates, automates, and secures Environments-as-a-Service, making organizations more protected with our patented privacy and Zero Trust architecture and more productive by increasing access to critical data, tools, and workflows simply, on-demand, anywhere. Replica™ support of dozens of use cases that span industries: from disrupting fraud on the dark web, to supporting military operations, combatting human trafficking, and enabling trusted data sharing in healthcare. 

Grey Market Labs® is the first cybersecurity product company recognized as a Certified B-Corp organization.

Contact us to see how we can work together.