Analysis
Attacks and Vulnerabilities
Critical infrastructure
Malware, Phishing & Ransomware
News
Reports
Risk & Compliance
Secure Remote Access
Supply Chain Security
Technology & Solutions
Threat Landscape
Vulnerabilities

WEF agency says geopolitical tensions increase cyber risks, call for prioritizing cyber resilience

February 28, 2023
WEF agency says geopolitical tensions increase cyber risks, call for prioritizing cyber resilience

The World Economic Forum (WEF) said that a year after Russia invaded Ukraine, the geopolitical situation has become increasingly tense and volatile, increasing cyber risk while cyberattacks exacerbate geopolitical dynamics. The agency also assessed that given the likelihood of a prolonged war in Ukraine and of a renewed Russian offensive, malicious cyber operations can be expected as part of a concerted hybrid warfare effort. 

The agency proposed achieving cyber resilience as one of the biggest cybersecurity challenges – it is not a one-time or a one-actor effort, but more of a harmonized approach that stretches across borders and businesses is necessary.

“In the context of the war in Ukraine, the weaponisation of gas supplies and attacks on energy infrastructure – such as the sabotage of the Nord Stream pipelines – highlighted the threats to critical infrastructure,” WEF assessed. “The energy sector has become a primary target of geopolitically motivated cyberattacks, while also being indirectly affected by spill-over effects. Some key examples include the Colonial pipeline ransomware attack in 2021, costing over $4.4 million, and the 2022 ARA cyberattack, which disrupted oil and gas supplies in Europe.”

WEF also flagged that the energy crisis is also boosting the shift to renewables, making such industries a potential target of cyberattacks. Last April, three German wind energy companies were breached by the Russia-based Conti cybercrime group. “Sustainable energy infrastructure has profited from IT/OT convergence, reaping operational and financial benefits albeit increasing the vulnerability surface. Such risks will grow exponentially as renewables are predicted to generate 60% of global energy by 2035. The disinvestment from fossil fuels requires greater levels of cybersecurity: green transition must go hand-in-hand with cyber resilience,” the agency added. 

The European Union Agency for Cybersecurity (ENISA) and the CERT of the EU institutions, bodies, and agencies (CERT-EU) released earlier this month an alert over malicious cybercriminal activities carried out by APTs (Advanced Persistent Threats) against businesses and governments across the region. Data from Google revealed a spike in state-sponsored cyber attacks, with a 300 percent increase in targeting users in NATO countries, compared to 2020. 

In such an unstable geopolitical context and challenging economic environment, it is fundamental for private and public sectors to strengthen cyber resilience to mitigate future disruption, the WEF said. “Achieving cyber resilience is one of the biggest cybersecurity challenges: it is not a one-time or a one-actor effort. Data suggests that a harmonised approach that stretches across borders and businesses is necessary. Private sector collaboration can foster cyber maturity across the industry.” 

On Monday, the Australian government released a discussion paper seeking views on how the government can achieve its vision under the 2023-2030 Australian Cyber Security Strategy. The paper calls for recommendations as to what it should consider when developing cybersecurity measures to better protect and enhance collective cyber resilience, both in Australia and in the region. 

Additionally, it identified that the Russia-Ukraine conflict demonstrated that cyber-attacks by both nation-states and criminal groups can rapidly spill across borders, affecting critical infrastructure and essential services around the world. 

The WEF post comes amidst alerts issued by global cybersecurity agencies one year after Russia’s invasion of Ukraine. The U.S. Cybersecurity and Infrastructure Agency (CISA) urged organizations and individuals to increase their cyber vigilance one year after Russia invaded Ukraine. The agency assesses that U.S. and European nations ‘may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, 2023,’ the anniversary of Russia’s 2022 invasion of Ukraine.

“In response to the heightened geopolitical tensions resulting from Russia’s full-scale invasion of Ukraine, CISA maintains public cybersecurity resources, including Shields Up—a one-stop webpage that provides resources to increase organizational vigilance and keep the public informed about current cybersecurity threats,” according to the recent alert

CISA recommends that all organizations review and consider implementing the DDoS Attack Guidance for Organizations and Federal Agencies. The security agency also suggests reviewing the Shields Up web page, which includes guidance on increasing organizational vigilance, implementing cybersecurity best practices, increasing resilience and preparing for rapid response, and lowering the threshold for threat and information sharing. 

The Canadian Centre for Cyber Security also issued an alert that is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. 

“The Cyber Centre is urging Canadian organizations to be vigilant and prepared for potential malicious cyber activity following the one-year mark of Russia’s war on Ukraine,” the Canadian agency said. “The Cyber Centre would like to specifically warn Canadian organizations and critical infrastructure operators to be prepared for the possible disruption, defacement, and attempted exploitation of Canadian network assets by cyber threat actors aligned with Russian interests.”

The agency added that it “is aware that Russia-aligned actors have conducted Distributed Denial of Service (DDoS) campaigns towards Ukraine-aligned nations and recommends the following guidance to better protect Canadian organizations.”

Keeping these threat factors in mind, the Cyber Centre called upon Canadian organizations to review their security posture and to ensure security controls are effective and in place. It recommended that organizations review previous joint publications to help organizations detect and mitigate threats, while also reviewing perimeter systems to determine if the related activity has occurred or how to better prepare for potential malicious activity. 

Additionally, the Canadian Cyber Centre recommends that organizations review and implement the Cyber Centre’s Top 10 IT Security Actions with an emphasis on consolidating, monitoring, and defending Internet gateways, while also isolating web-facing applications. 

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
MITRE confirms breach on NERVE network, suspected foreign nation-state actor involved
Radiflow helps customers achieve NIS2 compliance, spurring growth in Europe
Radiflow, Exclusive Networks partner to elevate OT cybersecurity
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats
CISA, FBI, Europol, and NCSC-NL issue joint cybersecurity advisory on Akira ransomware threats
CISA, FBI, Europol, and NCSC-NL issue joint cybersecurity advisory on Akira ransomware threats
Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk
Armis
Armis acquires Silk Security for $150 million to enhance AI-driven cybersecurity capabilities
Nozomi discovers five vulnerabilities in AMI MegaRAC SP-X BMC, exposing OT, IOT devices to RCE attacks
Nozomi secures US$1.25 million US Air Force contract to boost DoD critical infrastructure security
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape