The Risk from Worldwide Cyberwarfare To The Corporate World

November 11, 2018, was the 100th-year anniversary of World War 1 Armistice when the world is actually having a new world war. Not the conventional war between states involving arms, explosives, and military manpower, but rather cyberwarfare. Powerful state-supported actors, cybercriminal groups and individual black hat hackers are out there on the Internet, trying to outsmart one another in a 24/7 wars. This is not a secret fact, but rather an everyday occurrence that the traditional media itself is not expert enough to attempt to report.

The live attacks and intrusions using malware, worm, and other nasty techniques are documented by various monitoring centers around the globe. Some are:

• ThreatMap by Fortiguard
• Google’s Digital Attack Map
• Checkpoint’s Threat Map
• FireEye’s Cyber Threat Map
• Kaspersky’s Cyber Threat Map

We recommend our readers to at least visit one of the websites above, in order to fully understand what we are about to further discuss. A typical person will live their lives using technology confidently, believing that everything is in order. However, as the threat maps from various organizations reveal, organized cybercrime between nations, regions, and groups happen all the time, 24/7 and it does not rest.

It is somewhat ironic that the United Nations, organized with the goal of preventing world wars is basically powerless when it comes to cyberwar. How many times have we heard rhetorics from the United States, Russia, China, Japan and other powerful nations accusing one another of hacking each other’s systems? On the Internet, a country or its representatives can act both as the aggressors and the victims at the same time.

What is left in the conversation is the welfare of individual users, and SME’s (Small and Medium Enterprise) that are too little, too inexperienced and too budget constrained to establish their own credible cybersecurity defense. The bottom line there is no global organization or association can stop this network of cyber attacks and cyber warfare. It is every country, every region, every company and any individual for themselves and nothing more.

The only silver lining in the equation is the existence of penetration testing services, which all companies must evaluate of having. Penetration testing is not just hype but becomes a necessity in the wake of legislation of rules that govern and regulate the security of customer data. That is well known in the whole European Union as GDPR (General Data Protection Regulation). Other countries outside EU may have established their own data protection laws, that may negatively affect any company that will be lax with their cybersecurity arrangement.

Ethical hacker teams conducting penetration testing should be considered not as a cost, but rather a very critical investment for any company, including the Small and Medium enterprises to undertake. Being hacked, becoming a victim to a data breach or a virus infection is a bad PR for any company, in many cases, this may be enough for a business to declare bankruptcy due to lost customer confidence. Take the opportunity to prevent cybersecurity issue before it actually happens, as there is no going back once the bad news already reached the customers.