Are we ready for cyberwarfare?
The face of the cyber threat is changing at an accelerating pace. In addition to the heinous crimes and ransomware of the past few years, there are more and more politically motivated operations against individuals or states. Two recent events illustrate this.
In January, the ICRC was the victim of a massive hack, without any ransom demand, according to official announcements. This is not surprising, given the nature of the stolen data, which could well end up in the hands of a malicious state organization and be used to launch actions against individuals or groups of people.
Ukraine, for its part, has been undergoing a conventional military attack for a few days, preceded by years of actions in cyberspace. This is one of the new faces of war in the 21st century. These attacks are of concern to all citizens, including those in Switzerland. Would we be prepared if critical infrastructures for the functioning of our country were targeted by computer sabotage? In recent months, public authorities, businesses, and communities have been hacked. What if it was, for example, our energy supply or our banking system?
The worst-case scenario in Ukraine
Ukraine appears to be a real open-air laboratory for cyber operations, to the point that NATO has affirmed a first form of cooperation with it in this area. The attacks that Kiev has suffered in recent years are too numerous to count. All strategic areas of the country have been affected, as in 2015, when an attack on the power plant of Ivano-Frankivsk deprived part of the region of electricity in the middle of December, or in mid-January this year, when websites and several government agencies were blocked.
Tens, even hundreds of thousands of attacks are detected every day in the world. Not all of them have the same gravity or the same consequences, but cyber-attacks and disinformation are indeed the weapons of destabilization, as a complement or preparation to more conventional attacks.
We are all concerned
There are two kinds of computer attacks:
- those aimed at data theft, which can affect all companies, public organizations, or individuals
- those aimed at paralyzing the essential services of a company or a state, which is known as cyber-coercion.

When tensions increase between countries, it is these critical infrastructures, such as service distribution centers, energy, banks, and stock exchanges, that are now targeted by cyber-attacks. To counter this type of infiltration, the defense put in place must be commensurate with the strategic interest of the infrastructure, and anti-virus software is no longer sufficient. It is necessary to be able to detect stealthy and complex attacks in time, but above all to be able to respond, to restore the affected infrastructure and possibly to counterattack.
Is Switzerland prepared?
The answer is no. There is still a great deal of naivety in our approach in this area. Let's imagine the hacking of an industrial service responsible for the electrical distribution of a whole canton. Power plants, dams, windmills, even nuclear power plants, could be paralyzed. Is this scenario possible? Yes. The right question to ask now is: what means does Switzerland want to equip itself with to achieve adequate protection?
Our country has finally become aware of this type of danger and the protective measures to be taken. The National Council's Security Policy Committee recently voted in favor of setting up a Swiss sovereign cloud. Such a service would serve as a kind of protected area for storing sensitive data and running services that require a high degree of protection. The whole would be set up as a public-private collaboration but, above all, under sole Swiss jurisdiction.
It is also important that Switzerland develops a real integrated cyber defense capability. What is being put in place at the Confederation level is a first step, but it will not protect our economy or individuals. For this, we need to accelerate the implementation of an industrial cyber defense ecosystem. This local network of specialized companies will allow us to better detect attacks and, above all, to respond to them with a real capacity to intervene.
In the physical world, the role and effectiveness of the military, police and private security companies have been demonstrated. Today, the same type of network is missing in the virtual world. It's time to move up a gear to ensure the digital survival of our infrastructure.