Cybersecurity on the global stage
From concerns over hacking of the U.S. presidential election by Russia to threats of cyberattacks on the 2020 Olympics in Tokyo to the theft of data from millions of customers in global companies each year, cybersecurity is more critical than ever.
The Need for Cybersecurity
In the first six months of 2019, 3,800 publicly disclosed global data breaches exposed more than 4 billion records, according to cybersecurity firm Risk Based Security. About 70% of those breaches exposed emails, and 65% included passwords. And the number of security breaches rose by 54% compared to the year before. A single hack can cost companies $82,000 to $256,000.
On a geopolitical level, the increasing ability for both hackers and governments to upend everything from elections to trade continues to grow. And the stakes have the potential to be even higher, resulting in catastrophes that could cost lives. At some point, hackers from anywhere in the world will have the ability to manipulate controls for nuclear power and chemical plants, as well as trade networks, disrupting global supply chains.
In addition to manipulating and stealing data, hackers can hold entire corporate and government networks hostage through the use of ransomware. Criminals hunt for security weaknesses to access IT systems. Once in, they install programs to encrypt sensitive data and demand ransom so that the network’s owner can regain access.
In 2019, New Jersey’s largest hospital network, Hackensack Meridian Health, paid ransom to criminals who took control of their system—but not before some of the network’s 17 hospitals had to cancel surgeries for patients.
In a similar attack in Germany in early 2020, car parts manufacturer Gedia Automotive Group had to completely shut down its IT operations, sending many of its 4,300 employees home. The company has a global footprint, and the attack also affected its locations in Poland, Hungary, Spain, China, India, the U.S., and Mexico. The hack included stealing 50GB of data on the company’s employees and customers, as well as drawings of the parts it manufactures and threatening to sell them to the dark web unless ransom was paid. The company says it could take months to securely get everything back online.
The U.S. faces escalating threats from countries. U.S. officials warned about the potential for cyberattacks in retaliation for the airstrike that killed Iranian general Qasem Soleimani in early 2020. In 2012 and 2013, Iran disrupted the online operations of several major U.S. banks in a move seen as payback for Western economic sanctions launched to halt its nuclear program.
Japanese Concerns on Cyber Crime
Cybersecurity is an issue that plays a significant role in Japan. According to a 2018 Pew Research Center survey of residents, 81% say cyberattacks launched from other countries is a major threat, up 10% from two years earlier. Cyberattacks are the top international concern among Japanese, with more finding it a major threat than climate change or North Korea’s nuclear program. Japan’s worry about cyber threats is higher than in most other countries. For example, 74% of residents in the U.S. view cyberattacks as a major threat, while 61% of South African residents have this view.
Japan has reason to worry. In one highly publicized gaffe, the deputy chief of the government’s cybersecurity strategy officer, Yoshitaka Sakurada, admitted he had never used a computer. He was also the minister in charge of the Olympic and Paralympic Games that Tokyo will host in 2020. He resigned in 2019.
The Olympics open Japan to a new level of potential cyber threats. The numbers are enormous: There were an estimated 500 million attacks at the 2016 Olympics in Rio, twice as many as four years before in London. One threat was thwarted in 2019 when criminals offered free tickets as a way to steal personal information. Potential threats include offering a free website to watch the games that download malicious software. Another attack could take over a scoreboard with fake emergency messages or jam mobile phone signals.
Japan has a shortage of more than 150,000 IT professionals, opening the door for American cybersecurity companies to begin doing business in the country. In an effort to combat a labor shortage in computer science and other fields, an initiative adopted in late 2019 will expand the number of people from other countries who can take a test to obtain a new type of work visa. Foreign students will also be able to stay in the country longer after graduation.
In a meeting between foreign ministers, Japan and the U.S. are working together to see how each can help the other in the event of a large-scale cyberattack. Elsewhere, other new government coalitions are forming to promote international standards for online behavior. And nonprofits, including the Cyber Peace Alliance and Carnegie Endowment for International Peace, are also working to reduce cyber threats.
New technologies like quantum computing and artificial intelligence could be used to help fight back against such crimes.
To prevent attacks, businesses need to take the basic step of ensuring databases are configured so they aren’t open to attackers. Backing up data is also key. It should be segregated away from a company’s main networks, such as in the cloud so it can’t be hacked at the same time.
Some important steps to stay safe include: All company employees should be trained in security awareness so they don’t fall prey to phishing emails. Employees should also limit communication between work and personal devices. Permission to administer file servers should also be restricted to a few key IT employees. Software should be continuously updated.
While preventing and fighting off cyber-threats can be daunting for both governments and businesses, continued worldwide vigilance is imperative.