The number, sophistication and targets of cyber attacks are constantly increasing. According to an expert panel of ENISA, the European Union’s cybersecurity agency, malware (Malware) is the biggest threat in the digital world and has been so mastered that it has become undetectable, like the modern Black Lotus sold on the dark web or underground. The actions with the highest growth are identity theft (phishingrobbery and kidnapping by extortionransomware). And not only vectors (means of transmitting malicious code) multiplied, but also their consequences. In the face of the globalization of attacks, according to participants in the recent European Forum on Cyber Policy, the response remains mostly individual, despite attempts to formulate common actions. “Finding a clear and common political line is absolutely necessary and absolutely crucial,” warns Denis-Kenji Kiebecker, a professor at the University of Bremen (Germany).
Cybersecurity is not only a problem for large companies or critical infrastructures, and its vulnerabilities are not limited. It “affects everything in life, from desktop control systems to medical devices, pacemakers, social networking or driving,” warns Christos Doligris, professor of computer science at the University of Piraeus (Greece). “It is a war, and unlike a traditional military, there are many actors, many parties involved, from states to private entities. In many countries we do not know what is happening. We have to find cooperative solutions at the international level.”
Despite attempts like ENISA’s, the agency was created to ensure the reliability of products, services and communications, as well as to cooperate with European countries in the field of cybersecurity, Christian Funk, head of global research and analysis at Kaspersky, the forum’s organizational entity, noted a “fragmented panorama”, with Large dark areas, such as China, or areas that are difficult to control, such as dark web (A network outside the public Internet).
Black Lotus has all the functionality needed to continue and operate indefinitely within an environment without being detected.
Scott Sherman, Computer Security Researcher
In this sense, researcher Scott Schafferman warned that there is a program called Black Lotus in the underground cybercrime market, which has a price tag of 5,000 euros, offering advanced persistent threat capabilities and is undetectable by current defense systems. As Sherman writes, the Black Lotus “has all the necessary functions to persist and operate indefinitely within an environment without being detected. This represents a leap forward in terms of ease of use, scalability, accessibility and, most importantly, a greater potential impact on forms of persistence, evasion and destruction.”
Added to this development in digital weapons is the broadening of its consequences. Funk notes that “even if the attacker’s intent is a specific target, the actual reach can extend much further.” One example is the group known as the Vice Society, which has been alerted by the US Agency for Cybersecurity and Infrastructure Security and the Federal Bureau of Investigation (FBI) to “disproportionate” kidnappings and extortion of education and health systems. However, its effects are greater. In a recent attack on a health zone in New Zealand this summer, it caused the cancellation of flights as the results of negative coronavirus tests for crew members could not be reached.
Kipker acknowledges some developments in the vision of cybersecurity, which, in his opinion, moved to a more casual procedure after focusing on critical infrastructures and digital services, such as cloud computing or digital markets. But he warned that there is a large technological gap in Europe that hinders its sovereignty and makes it dependent on outside parties. This is the case of the current semiconductor crisis, which has been exacerbated by the “increasing conflict between China and Taiwan.” In this sense, the German professor warns that digital security depends not only on programming, but also on the basic components of devices with important functions. “The EU should be more independent in its own production of key digital technologies to reduce its dependence on international companies,” he says.
The US Agency for Cyber Security and Infrastructure Security and the FBI have alerted a community lawmaker to “disproportionate” kidnappings and extortion of education and health systems
Everyone agrees that the only solution lies in “facilitating and accelerating the exchange of cybersecurity information in an efficient and reliable manner,” as summed up by the professor from Bremen. “As much as possible, yes please,” Funk adds. Douligeris joins this demand and extends it to the whole world: “We have to know what is happening in other places and what the problems and their needs are. In general, we focus only on China and Russia, but not on Africa, Southeast Asia or other developing countries.”
In this sense, the Greek professor acknowledges that “every country has its own approach and there is a different commitment to Internet security.” He points out that the United Nations has created a working group (Open-ended Working Group, OEWG) to which all member states are invited, but it is primarily a team of experts who have difficulty influencing legislation, he warns. However, he acknowledges that they, “at least, provide some ideas for having modern legislation on cybercrime and, if possible, at a global level”.
Collaboration, lots of dialogue, trust, and “open doors” advocate experts as the only way to deal with global digital attacks, some of which have been active for more than a decade with mutations becoming invisible and more complex, according to Funk.
For the German researcher, one of the obstacles to achieving this is the “increasing regionalization” that reduces trust between countries: “We do not trust anything that comes from foreign countries, and in my opinion we cannot stop that at the moment; it is not really possible” .
Fragmentation or global response
Faced with this fragmentation of response capabilities, Advanced Persistent Threats (APTs)—”they’re constantly improving, more effective and reinventing their offensive cyber arsenal,” explains Funk—are multiplying as well as simple attacks. In this sense, an Israeli study showed that a relatively small number of computers could perform large-scale DDoS (Distributed Denial of Service) attacks with a persistent campaign of false requests for information and with the goal of rendering the underlying infrastructure inaccessible.
One such example is the attack on three Catalan hospitals in October, which not only caused a temporary loss of access to services, but also compromised data confidentiality, as acknowledged by Consorcio Sanitari Integral (CSI).
The dispersion of response capabilities affects not only the public sphere. Vank warns that “most small and medium-sized businesses, while increasingly fearful of cyberattacks, are strangely not prioritizing their defenses.” He adds that “many organizations treat security incidents as an act completely out of control or surrender to insurance to minimize damage. They confront them with a sense of powerlessness, and if this phenomenon spreads it may lead to public acceptance and consequent paralysis. He concludes: “Let us We don’t get into this when we can do better.”
Outside the European Forum, Proofpoint Security Chief Lucia Milică agrees on the need for global action: “From a broader perspective, beyond individual organisations, we see the growing need for the public and private sectors to come together to increase resilience and address urgent cybersecurity issues.”
Christos Douligeris adds that there is no need to be afraid to start from scratch and advocates for cybersecurity education from lower levels and for promoting cybersecurity-related careers. “People are missing,” he says. The Spanish situation is similar. According to the data of the National Institute of Statistics and the Spanish Association for Digitization, there are 120 thousand vacant technology job vacancies. Safety is one of the priority requirements for this sector.
Subscribe to continue reading