The world is 'clearly' not prepared for cyberwarfare

One-third of IT and security professionals globally say they are either indifferent or unconcerned about the impact of cyberwarfare on their organizations as a whole, according to a survey of more than 6,000 across 14 countries.

Security firm Armis commissioned the study, published today, in an effort to gage cyberwarfare preparedness while the first hybrid war wages on for nearly a year in Ukraine and nation-state cyberspies make headlines almost daily. 

The survey asked 6,021 respondents if they were confident that their organization — and government — could defend against cyberwarfare. 

"The answer is clearly no," the report says.

In an interview with The Register, Armis VP Chris Dobrec, said the finding that 33 percent of respondents aren't too concerned about cyberwarfare surprised him.

"Given the emphasis on cybersecurity over the last decade, where it's gone from stealing data to industrial espionage to out and out extortion with ransomware," he said. "And clearly the situation in Ukraine has heightened awareness. The geopolitical situation, from my perspective, has on the one hand, heightened awareness. But I was surprised that a third of respondents still don't feel prepared."

The incongruence rings true. Cybersecurity and organizations' cyber preparedness took center stage in Davos at last week's World Economic Forum. During the annual meeting, the WEF released its 2023 Global Cybersecurity Outlook [PDF], which found that 91 percent of respondents believe a catastrophic cyberattack is at least somewhat likely in the next two years. 

However, the respondents also cite a number of challenges, including trouble retaining trained staff in a competitive market and constantly evolving technologies and regulations, that leave them ill equipped to respond.

Similarly, a US General Accountability Office report [PDF] published last week found federal IT systems and critical infrastructure face serious cyber risks that could harm human safety, national security, the environment, and the economy.

"We've made 335 public recommendations in this area since 2010," the GAO said. "Nearly 60 percent of those recommendations had not been implemented as of December 2022."

Almost half of orgs experienced 'act of cyberwar'

The Armis report echoes similar concerns. About 64 percent of those surveyed agree the war in Ukraine has heightened the threat of cyberwarfare. Additionally, 54 percent who said they are the sole IT and security decision maker for their organization said they've seen more threat activity on their network between May and October 2022 compared to the six months prior.

Additionally, 45 percent said they have had to report an act of cyberwarfare to the authorities.

But while almost a quarter (24 percent) of global organizations say they feel unprepared to handle the cyberwarfare threat, the lowest-ranked "security element" is preventing a nation-state attack, with only 22 percent selecting that as their top priority.

To be fair: several of the IT and security professionals' top priorities could fit under the heading of things to protect from nation-state attackers or indicators of a nation-state attack. Data protection topped the list with 60 percent choosing it as the No 1 priority. 

The others are: intrusion detection (43 percent), vulnerability management (39 percent), threat visibility (38 percent), incident response (35 percent), risk assessment of IoT and OT connected devices (34 percent), preventing supply chain attacks (29 percent), machinery monitoring (24 percent), and, finally, preventing a nation-state attack – coming in at Number 10.

"I guess there hasn't been a strong enough correlation in security folks' minds that a lot of the criminal organizations behind the ransomware attacks of late are largely nation-state sponsored," Dobrec said. "So I'm hoping that this type of data brought out to the marketplace is going to increase awareness that you need to think about not only the cyber actors with economics in mind, but nation states behind them, as well."

• What keeps this FBI director up at night? China's AI work, for one
• Iranian cyberspies exploited Log4j to break into a US govt network
• Sandworm gang launches Monster ransomware attacks on Ukraine
• US offshore oil and gas installation at 'increasing' risk of cyberattack

Looking ahead, Dobrec said critical infrastructure operators and owners, followed by the transportation and logistics industries "should be on the highest alert" for nation-state or cyberwarfare attacks because these "could have devastating consequences from a human life perspective."

As the cyberwar element of the war on Ukraine has shown the rest of the world, the threat landscape is bigger than it used to be. 

"We used to spend all our energy on just the IT side of the house," Dobrec said. "But now we're seeing [cyberattacks against] OT systems, health-care systems, IoT, industrial control systems. The biggest thing that this is helping us to do is widen our aperture." ®