Koen Gijsbers (Major General ret.) is an expert in digital innovation and cybersecurity strategies. He is former lead of NATO's IT and Cyber Agency and former Chef Information Officer of The Netherlands Ministery of Defense. Mr. GIjsbers works closely together with several international companies in digital and cybersecurity and helps start- and scale-ups to grow. He trains boards to better understand and incorporate digital risk in their organization. He will talk about cybersecurity threats on this year's DigitalK conference. More information on digitalk.bg and facebook.com/digitalkcon.
How would you describe the cybersecurity situation on global and state level - cases like SolarWinds make big waves, but are they as serious as they sound?
The resilience and security of our digital society is at high risk both at the global level as for nation states. While we see a positive effect of digitization for our economies and societies, we are not mitigating the new risks at the same pace. The result is an ever-increasing spiral of successful cyberattacks on our hospitals, critical infrastructure, universities, governments and companies.
Recently we saw ransomware attacks increasing, according to BitDefender 485% up in 2020 from 2019. While the attackers mostly have financial motives, they are disrupting our civil order and stability, using tactics of intimidation. The recent attacks through Microsoft Exchange Server have huge impact on many IT systems. Once the vulnerabilities were publicly announced, malicious actors were able to outpace IT patching management of hundreds of thousands of organizations and companies fell victim of data loss, to include intellectual property and business disruption. Criminal hacking is apparently so attractive, that these organization- their governments often turning a blind eye - are increasingly well resourced to execute very complex and geographically widespread attacks.
Is the internet already weaponized on said state level? And would it become even more so, given that this time the cold war is between the two most advanced states technologically, USA and China?
It depends on what you mean by weaponized. Yes, there are nation states that have the capability to execute cyber offensive action. Our police forces and intelligence agencies are operating in the digital world under strict legal frameworks. We have seen many successes, like the EncroChat hack by Dutch police forces, allowing them to help solve many cases internationally because conversations of criminals who thought they could communicate secretly could be followed. Several defence forces also have the capability to execute in cyberspace in conjunction with military operations under different rules of law.
Recently we have seen the news of a cyberattack on an Iranian nuclear installation, and one can only speculate who did this. It is publicly known that Israel has both the capability as the motivation to prevent nuclear powers in the region to exist. There is also evidence that China is using cyberattack to steal Intellectual Property of companies and universities, then producing innovations themselves without the necessary development cost. And yes, SolarWinds is being attributed to Russia in order to disrupt the digital stability of critical infrastructures and government, like they are doing in Ukraine. It is not just a technological development spiral of the USA and China. In my view the use of cyber as a means of achieving strategic objective will increase as long as we do not take the risks of digitizing our societies more serious.
Why is there never any news about the West hacking the East, only the other way around. Are we as innocent as we look like and really always on the defensive?
As stated before, this hacking is not just between the East and the West. We see malicious hacking happening worldwide, to include by criminals in our own nations. I think one of the differences between what we call 'good' and 'bad' hacking is that our rules-based democracies have developed and are further improving legal and ethical frameworks on how to use cyber offensive capacity both in national as in international affairs. Our nations and the EU are participating internationally in fora and in negotiations to maintain an open and safe internet. Our nations are also building law enforcement capability to prosecute cyber criminals. As we all know not all nation states have the same rigor in following these rules or prosecuting digital perpetrators. That is a serious issue, not just from a prosecution perspective, but also from the perspective of international relations. We are not always in the defensive, but as long as attackers can hide easily, they have an advantage.