Going out on a foot-thick oak limb, I’d say that global security, cybersecurity being implicated, stands precariously as of late. What might first come to mind is the continuing Russia-Ukraine conflict. If you have a general familiarity with the subject matter of this column, you might also conjure up all the cyberwarfare factors and hacking activity related to Russia and Ukraine. I’ve barely touched on anything else during the past few weeks of writing.
That’s arguably appropriate, my having heavily weighted the discussion with the Russia-Ukraine conflict’s cybersecurity risks. It is now acceptably part of the theater of war and like most things technological it has advanced too far to have any hopes of war devolving back to “mere” armaments and in-real-life fighting. The cyber piece of the conflict is so prevalent that at least one reputed cybersecurity firm that studies global hacking activities reported astounding results from a scan of the system recently. Of all the billions of cyberattacks acknowledged over a few days of reporting, 61% of them were against Russia. Another 23% aimed at Ukraine. That’s right. Nearly nine of every 10 security incidents related to technological attacks focused on just these two nation-states.
You should be inclined to home in on and try to understand the fact that billions of incidents occur, much less that there’s that much activity in a matter of days. There are only around seven billion people, so how can much hacking action take place in but a few thousand minutes’ time? Regrettably, and actually, these numbers are defensible. The amount of daily cybersecurity attacks is staggering. Personally, I’ve become immune to the sticker shock, of sorts, that the numbers should evoke. This factor alone, and even if it would forever reflect that 90% of the risks were relegated to two countries, should impress you as a meaningful force in terms of global security.
In Russia and Ukraine, the incidents include disrupting internet traffic with distributed denial of service attacks. These cases happen when a hacking group bombards computer systems with so much incoming data that it overwhelms, and effectively shuts down, the targeted computers. When you learn of Ukraine’s governmental offices’ computers going dark, it’s likely due to a DDoS attack. Russia’s television networks were taken offline by hacktivists. The U.S. and Russia are in a war of words related to threats against the Kremlin’s satellite systems. As the report read, the vast majority of all the world’s cybersecurity threats are hyper-focused on the conflict.
My point today is that we nevertheless need to be wary of the rest of the world’s technological risks. Ten percent of billions of cyber incidents represents immense concerns amongst the remainder of the world’s political bodies. Being distracted and deeply involved in trying to manage and quell the Russia-Ukraine conflict cannot serve as an excuse, or even an explanation, of letting other ongoing threats go untended.
Take, as one glaring example, North Korea. For the ninth time this year it has enacted missile testing. The most recent events in late February and early March included a new intercontinental systems. Missiles, as compared to cyberwarfare strategies, are of course the more traditional ways to wage war. Today’s missiles are full of technological components, and rely on technologies for their development. We’re far beyond a fuse-lighting stage in the launching pattern.
Because of the Democratic People’s Republic of Korea’s escalation of missile tests, and in the face of Russia-Ukraine deserving, at par, 90% of our security intelligence efforts, it is a time in the modern security environment to somewhat freak out. How in the world, our world, can all of these threats be managed and mitigated?
Our current administration has answered that rhetorical question during its daily briefings and constant work, both diplomatic and warlike in nature, as regards the conflict. The sanctions. The threats. The support of Ukraine. Strategic partnering with both other nation’s administrations and with coalesced groups of them, such as NATO and the U.N. These responses and more are ongoing, and you and I are feeling their resonations; one place, the fuel pump, is an acute example. Meanwhile, the administration has peeled off a small contingency of federal government capacity to address the missile tests directed by the hereditary dictator Kim Jong-un.
In the interest of securing “American homes, the American homeland and our allies,” the Indo-Pacific Command ramped up its activities in the Yellow Sea. The U.S Department of Treasury also is responsive. Though it cannot supplant the military’s readiness efforts, it does complement them. It goes back to the nature of modern missile technologies, with the emphasis on tech. There are already gads of rules dealing with exporting technologies into places around the globe such as North Korea, where scientists and engineers transfer those technologies into serving their supreme leader’s warring whims. Now, those barriers are growing stronger still.
Treasury, for all the right reasons I hope, is staying mum on the details. It contends that the new prohibitions will further prevent the DPRK from gaining access to certain technologies that can advance its illegal weapons programs. The ideal is that the new prohibitions redirect the regime toward more diplomatic discourse. Sure.
There’s not a lot of hope from this desk that North Korea subsides and backs down. Call me cynical, but we’ll learn of more tests sooner than later. The next wave is predicted to have as its guise a space launch.
It isn’t all about North Korea. It’s not all about the Russia-Ukraine conflict. It’s not hinged on the world economy, how cryptocurrencies might affect the same as recessions loom. It cannot be all about any one thing, catastrophic as so many seem to be. For us, maybe, it’s easy to keep a narrow focus, usually provided by social media and TV. Global security, however, is nearly unlimited in scope.
Ed is a professor of cybersecurity, an attorney, and a trained ethicist. Reach him at firstname.lastname@example.org.