The current risk of cyber-attacks in Western society is, arguably, as high as it has ever been. Following the initiation of Russia's attack on Ukraine in early 2022, the National Cyber Security Centre (NCSC) urged UK organisations to bolster their online defences. Similarly, the Cybersecurity and Infrastructure Security Agency (CISA) and FBI warned of heightened threats to US organisations.

There is no doubt that during times of global change and unrest, cyber security becomes a battlefield of its own and both state and non-state actors have increasingly turned to cyber-attacks as a way to gain an advantage in warfare. Furthermore, with enhanced technology and an increasing number of devices connected to the internet, the scope and complexity for cyber-attacks has grown dramatically.

Cyber warfare can take many forms, including hacking into enemy state computer systems, spreading malware, and launching denial-of-service attacks. Entire towns and cities could be cut off from information, services and infrastructure that has become essential to the way we live such as electricity, online banking systems and internet, if a cyber threat is able to infiltrate the right systems.

According to the European Union Agency for Network and Information Security (ENISA), the threat to critical infrastructure from cyber warfare is significant and growing. Its report on the "Threat Landscape for Foreign Information Manipulation Interference (FIMI)" highlights that critical infrastructure, such as energy, transportation, and healthcare, is particularly vulnerable to cyber-attacks in times of war or political tension. In addition, cyber-attacks can also disrupt financial systems, causing immediate economic damage and impacting individuals. The report states that although citizens are not the primary target, they represented a secondary target in more than half of the events that were analysed. Cyber-attacks are particularly useful in manipulating perceptions en masse through, at the lowest level, inconvenience, up to the highest level which could result in the loss of life.

The frequency of attempted cyber-attacks against Ukraine serves to highlight that cyber threats can have devastating effects and will play a crucial role in deciding the outcome of the war. As such, the UK has developed the Ukraine Cyber Programme, a £6.35m package of support to protect Ukraine’s government and its critical national infrastructure from malicious Russian cyber-attacks. Nascent discussions are also starting about re-building Ukraine after the war. Even if military action comes to an end, there is a real risk that should Russia withdraw, it may continue or even increase cyber-attacks against Ukraine and those whom assist it in the aftermath. In which case, there may be an even greater need for cyber security firms to protect rebuilt infrastructure.

Another challenge with cyber-attacks is the threat actor's ability to remain anonymous, making it difficult to attribute the attack to a specific individual or group. The use of private companies and individuals as proxies in cyber-attacks only serve to further complicate matters and in the initial stages of an attack, it may be difficult to fully appreciate the extent of the risks posed and true motivations behind it.

The risk to businesses as the use of cyber warfare increases

War and military conflicts can create a business environment that is conducive to cyber-attacks, as adversaries may seek to target businesses or sectors that are seen as important to a country's economy or infrastructure. They may also go for symbolic targets such as media outlets or high-profile brands associated with a nation state. Additionally, the use of cyber-attacks in war can also create a general sense of chaos and uncertainty, which can be used to exploit vulnerabilities in businesses' cyber defences.

Cyber-attacks on a company's computer systems, networks and servers can cause delays and shutdowns, which can lead to a direct loss of productivity and revenue. However, they can also damage reputation, lead to regulatory action being taken (resulting in the possible imposition of fines) and result in loss of customers. The global cost of cybercrime was estimated at 8.4 trillion U.S. dollars in 2022 and is set to surpass the 11 trillion U.S. dollar mark in 2023, and by 2026, annual cybercrime costs worldwide could exceed 20 trillion, demonstrating the extent of the damage caused by such incidents.

Another risk is the potential for a cyber-attack to exfiltrate sensitive information, such as intellectual property, financial data, and personal data of employees and customers. This information can be used for economic espionage, corporate sabotage, or even used as leverage in negotiations. Additionally, cyber attackers can also use this stolen data to impersonate the company or its employees and launch further attacks.

Data and information that is stored by businesses is at great risk, including for those businesses which are, or have previously been, engaged in business with Ukraine. 

At times of unrest, whether political unrest, or global health challenges such as Covid-19, businesses should ensure they are not only vigilant but prepared for cyber security risks.

To mitigate these risks, businesses should take proactive steps to strengthen their cyber defences, including being self-critical of existing defences through routine auditing and third-party testing. Training employees on how to identify and respond to cyber threats is also important. Additionally, businesses should regularly conduct security assessments to identify vulnerabilities and implement mitigation strategies.

Andrew Parsons can support with helping organisations maintain good cyber security practices and handling to data breaches.

For more information, visit the re:connect hub.

This article was originally published on TechUK, as part of National Security Week (#NatSec2023).

This article is for general information only and reflects the position at the date of publication. It does not constitute legal advice.