– Cyber war is increasing threat – Investors are not prepared for
– Third most likely global risk in 2018 is cyber war say WEF
– “Scale and sophistication of attacks is going to grow”
– EU, US, NATO lay down ground rules for offensive cyber war
– Ireland is viable target for attackers but is ‘grossly unprepared for cyber war’
– UK should expect attack that cripples infrastructure within 2 years
– Trump administration may use nuclear weapons in response to cyber attacks
– Cyber war designed to have a economic impact on countries
– Invest in physical assets as well as digital assets & currencies
– Avoid ETF and digital gold and own physical gold that is allocated and segregated
Editor: Mark O’Byrne
Cyber-attacks are the third most likely global risk for 2018, behind extreme weather conditions and natural disasters, according to a new report by the World Economic Forum.
Estimated to cost over $1 trillion per year, cyber-attacks are now more expensive than natural disasters which in 2017 brought in a bill of $300 billion.
“We are still under resourced in the amount of effort put into trying to mitigate this risk…Cyber is at or above the scale of natural catastrophes [in terms of financial damage caused] and yet the comparative infrastructure is much smaller in scale,” according to John Drzik of WEF report partner Marsh.
The World Economic Forum’s Margareta Drzeniek-Hanouz, head of economic progress, told a press conference that cyber-risks are affecting society and the economy in “new, broader ways.”
They now impact not just the corporate sector as we usually assume but also government infrastructures and the geopolitical sphere. Arguably we are also seeing them shape societies.
The report’s launch comes at a time when cyber-attack warnings are coming in thick and fast. Governments have been warned this week that they are grossly underprepared for an attack which could see politics taken out of the electorate’s hands, billions wiped from financial markets and chaos generally created between otherwise peaceful nations.
The average citizen and investor is only vaguely aware of these risks and has yet to “join the dots” and realise the real risks they pose to economies, financial markets and people’s online savings and investments.
This is becoming urgent and yet complacency is common place with financial media focus on soaring stock markets and parabolic crypto currencies.
Governments, financial service providers, banks, brokerages are all grossly underprepared for a cyber-attack which means that your assets are vulnerable.
Governments unprepared
This week at the incredibly ‘in-touch’ event that is Davos a public-private platform in the form of a Global Centre for Cybersecurity will be launched.
“Cyber-risk is rapidly emerging as a major headache in boardrooms of all sorts of institutions around the world,” Marsh’s John Drzik told the recent press conference. The new center for cybersecurity will, (launched with Interpol) be a “framework in which there will be a better opportunity for leaders of institutions across the public and private sectors to pool information on their intelligence and response capabilities to get ahead of the curve on a number of these risks.”
Hopefully this is not a case of too little too late.
Throughout the world, including in the United Kingdom and Ireland, experts have been very vocal about the dangers that face entire nations.
CEO of Ward Solutions, Pat Larkin has told the Irish government that they need to ‘wake-up’ to the risks facing the country’s cyber systems as they are totally under prepared for what may come.
The country is completely unprepared for the “doomsday scenario” that was seen in Estonia, in 2007, Larkin warned via the Sun.ie in the first week of this year.
Intermittent but continuous power outages, attacks on the financial infrastructure, the transport and water infrastructure – to the point where it is significantly impacting the commercial and social activities of the citizens and damages the country’s brand internationally and its economy – would be the worst case scenario.
In a warning that is relevant to all technologically advanced and vulnerable nations, Larkin said:
“A continuous drip-feed of cyber attacks would lead to very unstable environment – a targeted attack like that on Ireland could wreak havoc on the country.
It would have a major impact on everyday life for citizens and businesses.
But it would also be catastrophic for the country’s foreign direct investment.
Major companies come to Ireland to invest for a number of reasons – the talent, tax environment – but they also come here because Ireland is a very politically stable country with good infrastructure and good services.
This is the major challenge for Ireland. Given that we are not well prepared or protected, if someone really did decide to target us they could inflict continuous long-term damage.”
Meanwhile in the UK, Ciaran Martin, head of the country’s National Cyber Security Centre, has told the Guardian:
“I think it is a matter of when, not if and we will be fortunate to come to the end of the decade without having to trigger a category one attack.”
A Category One (C1) attack can be defined as an attack that might cripple infrastructure such as energy supplies, banks (including ATMs) and the financial services sector.
Sadly it is not just country-based attacks that both Ireland, the UK and its contemporaries need to be aware of.
Ciaran Martin explains:
“What we have seen over the past year or so is a shift in North Korean attack motivation from what you might call statecraft – disrupting infrastructure – through to trying to get money through attacks on banks but also the deployment of ransomware, albeit in a way that didn’t pan out in the way the attackers wanted to.”
As well as North Korea, intrusions have been blamed on Russia, China and Iran. Some of these, Martin said, were espionage-based, scouting out vulnerabilities in infrastructure for potential future disruption.
Although the UK signed a treaty with China in 2015 not to engage in cyber-attacks for commercial gain, espionage was left out of the treaty.
“What we have seen from Russia thus far against the UK is a series of intrusions for espionage and possible pre-positioning into key sectors but in a more controlled form of attack from others,” he said.
The changing definition of war
What many nations in their cyber operations seem to be doing, including Russia and the U.S., is something that once would not have come under the definition of war. They (along with the likes of North Korea) are not using things that go ‘bang’ or cause physical harm and destruction.
Instead, they are using weapons which give them a greater advantage in this new multi-polar world which has made way for new forms of competing with one another.
In previous eras ‘war’ came about as a push for territory, now in this interconnected world, physical territory is easier to obtain once you have taken hold of the operating systems, the political system and even the minds of the electorate.
Whilst terrorism is still a priority for Western defence, a British Army Chief believes that the cyber threat, particularly from Russia is a more immediate concern.
As ever, let us hope that calm minds and the diplomats prevail and nations do not pursue the cyber war option.
Worryingly, this is not the attitude of the U.S. military and the Trump administration who, in simple terms, believe that the U.S. should use nuclear weapons in retaliation for a cyber attack.
That’s right, various drafts of the Nuclear Posture Review, as seen by the New York Times, suggest that the US would retaliate to a non-nuclear attack with nuclear weapons.
Journalists David Sanger and William Broad report in the New York Times that nuclear weapons can be used should an adversary conduct “non-nuclear strategic attacks … on U.S., allied, or partner civilian population or infrastructure.”
Quite simply, the new U.S. military doctrine seems to be threatening to nuke anyone who conducts a massively disruptive cyberattack on the po