By Mousume Roy, APAC Reporter, HCL Technologies Ltd.

 

On 24 February 2022, a deliberate cyber-attack against Viasat’s KA-SAT network resulted in the disruption of consumer-oriented satellite broadband service. The attack destroyed tens of thousands of satellite terminals affecting customers in Ukraine and Europe.

A statement  by the European Union said, "The cyber-attack took place one hour before Russia's unprovoked and unjustified invasion of Ukraine on 24 February 2022, thus facilitating the military aggression."

May 2022 also marks five years since the infamous WannaCry ransomware attacks – another example of state sponsored cyber attack activity. The ransomware attack, attributed to North Korea, propagated across 150 countries and more than 3,00,000 computers by exploiting a Microsoft vulnerability back in 2017. The worst affected were Britain's National Health Service and global companies like Nissan Motors, FedEx, Hitachi, Yancheng police department in China to name a few.

Cybercriminals have become more brazen at executing this type of cyber warfare--with malicious distributed denial-of-service (DDoS) attacks, ransomware, phishing, and cryptojacking--holding organizations hostage with data loss, disruption, and supply chain attacks. According to CISA, leading up to Russia’s attack against Ukraine, cyber criminals deployed destructive malware— WhisperGate, HermeticWiper, IsaacWiper, HermeticWizard, and CaddyWiper—to destroy computer systems and render them inoperable.

In the world of the threat landscape, organizations can do more

The Cybersecurity and Infrastructure Security Agency (CISA) warned U.S. organizations about the increase in cyberattacks and built a resource center to help organizations step up their security posture.  

The CISA has also recommended that senior business leaders should empower CISOs by including them in the decision-making process, lower reporting thresholds for cyber incidents, planning for the worst with exigent measures, and focusing on continuity to ensure critical business functions remain unscathed.

Cybersecurity leaders are caught between an aggressive threat environment, cyber-wars, and unrealistic business expectations. To effectively mitigate the regulatory, financial and reputational damage caused by cyber-attack, organizations—big or small— must move from a reactive to a proactive state of cyber security to overcome disruptive cyber incidents. A unified front, awareness, and cooperation by countries, individuals, and organizations are exactly what’s needed to mitigate the risks against all cyber threats.

Security operations and approach

  • 89% reported a positive impact of cybersecurity training and awareness programs on employee cyber awareness

  • 65% indicated that their organizations currently assess its cyber maturity

  • 48% indicated their cybersecurity teams reports to a CISO

  • 33% surveyed said their organizations have adopted a SASE or a Zero-Trust strategy as a result of the pandemic

  • 41% indicated an increase in their organization’s cybersecurity budgets in the next 12 months

The above data is from the State of Cybersecurity Report 2021 published by ISACA in partnership with HCL Technologies.