How to prepare for and respond to cyberattacks targeted at critical infrastructure.
The future is hyperconnected and cyber-physical
The world has gone digital and the profound impact of revolutionary technology continues to grow at an accelerating pace.
As the World Economic Forum notes in its 2020 report Cyber security, Emerging Technology and Systemic Risk1, transformational technologies now shaping the current and future connected society include ubiquitous digital connectivity, artificial intelligence, advanced machine learning and quantum computing. Simply put, society is speeding into a bold new hyperconnected world that promises historic social, economic and environmental advances.
As the reliance on technology grows, however, so does the critical need to ensure security and protection in the face of soaring cyber threats — accidental or intentional — that can put infrastructure, businesses, even human lives, at risk.
Malware, a catch-all term for any type of malicious software designed to harm or exploit digital devices, services or networks, has proliferated in reach and sophistication to exert a costly toll on businesses, with ransomware currently dominating headlines in the wake of destructive attacks. A type of malicious software that typically blocks access to computer systems or valuable data, paralyzing business-critical processes ransomware is allowing cyber criminals to cash in by extorting businesses, large or small, for massive cryptocurrency payments.
According to blockchain analytics firm Chainalysis2, ransomware-linked extortion exploded to a record US$406 million in 2020, from US$92.9 million in 2019 and reached an estimated US$81 million in cryptocurrency payments as of May 2021. Chainalysis notes that the true toll is probably much higher, as businesses often fail to report or publicize costly ransomware attacks as this menacing trend continues to unfold at an alarming rate.
Colonial Pipeline, operator of the largest US fuel pipeline, suffered a vicious May 2021 ransomware attack that disrupted oil and gas supplies in the US, with the firm paying about US$5 million in bitcoin to unlock its network. This is not the only example; there have been many more high-profile ransomware attacks on businesses worldwide in which substantial payments have been made to resume operations quickly.
As costly and destructive attacks multiply, the race is now on to respond with security and threat management systems that can stem the tide of disruption.
Walter Risi, Global Cyber IoT Leader and Partner, Cyber Security Services KPMG in Argentina
1 Future Series: Cyber security, emerging technology and systemic risk, World Economic Forum, 2020.
2 Danny Nelson, Ransomware Attacks Growing More Profitable: Chainalysis, Coindesk, May 19, 2021.