Over the last few months, cybersecurity has frequently been front-page news globally, not only due to the scale of recent incidents but also because the activity was attributed to nation-state actors. The attack on SolarWinds has shaken the American administration, though we have also seen reports of nation-backed attacks in India and Europe.
These prominent events come on the back of a year in which cyberattacks increased worldwide. If we look at India alone, the Indian Computer Emergency Response Team reported that over 26,000 Indian websites were hacked during 2020, compared to a total of 17,560 and 24,768 respectively in 2018 and 2019. Sanjay Dhotre, the Minister of state for electronics and information technology, also noted the number of cybersecurity incident reports has almost doubled in comparison with the previous year.
Globally the trend was similar criminals exploited our increasing reliance on information technology during the pandemic and even targeted healthcare providers and vaccine manufacturers. This cannot stand, and we need to ensure that rules and regulations clearly prohibit such attacks and that our cybersecurity defenses are ready for these new challenges.
The dual challenge: Industry perceptions
Companies that make up the Cybersecurity Tech Accord, a coalition of more than 150 global technology companies, are not alone in perceiving this dual challenge. Earlier in the year, we partnered with the Economic Intelligence Unit (EIU) to conduct a survey, which explores corporate perceptions of state cyber actors in particular. The results were clear – irrespective of geography, companies are not only aware but concerned about state-based threats and the potential impact on their business.
However, while the executives interviewed in the survey claim to be well prepared to face such threats, experts disagree. Recent events have also shown that many organizations failed to implement even the most basic cybersecurity practices. To help focus organizations on protective and effective measures, the Cybersecurity Tech Accord has focused on promoting cybersecurity hygiene – from encouraging multi-factor authentication and sound password policies to driving awareness on the importance of patching and implementing a vulnerability disclosure process.
That is not to say that organizations should not be leveraging the latest technologies – cybercriminals certainly are. Deep tech, such as artificial intelligence (AI) and machine learning, is not only being used to enhance efficiency and help us navigate our increasingly complex online environment, but also to commit crime. As the respondents to the survey rightly recognize, utilizing these emerging technologies as part of cybersecurity defense will likely afford the greatest levels of protection against cyberattacks conducted by states or affiliated actors. For example, AI and machine learning allow companies to implement predictive analytics tools, which help them identify network anomalies, detect malware, and potentially detect fraud through user behavior patterns. Furthermore, companies can use AI to enhance the effectiveness of their security operations against adversarial AI and decrease threat detection time as the program learns.
The role of multistakeholder initiatives and collective action
There is a second element to protecting organizations from state-based cyberthreats – ensuring that these attacks are not legal or accepted by the international community. When asked about what could be done globally, survey respondents highlighted “more international economic and political cooperation.” Notably, a substantial number of respondents saw the biggest opportunity to increase the stability of cyberspace, in agreeing on an international treaty that would seek to reign in malicious state behavior.
We agree. In fact, calls for greater collaboration, implementation of existing norms, and agreement on how international law could be applied in this space have been central to our work. However, we also believe that the technology industry and civil society need to participate in these discussions. Our online environment is largely run, operated and owned by private sector actors, thus it is critical that the voices of those who know the technology best are heard. To this end, we have advocated for greater inclusion in relevant discussions and multistakeholder initiatives, including: the Paris Call for Trust and Security in Cyberspace and the UN’s Open-ended Working Group on developments in the field of information and telecommunications in the context of international security (OEWG).
We believe a combination of cutting-edge technologies, international and domestic agreements and law, and multistakeholder collaboration can help secure our online environment. We remain optimistic but acknowledge that implementing these changes require hard work, and time is running out.