What the Pandemic Can Teach Us About Our Response to Cyberattacks

By Glenn Murray, CEO at Sapien Cyber

Infection is spreading rapidly, and systems are failing. Identifying where the virus has started, how the virus infects others, tracking its movements, and containing the infection need to be done as quickly as possible to minimize impact.

Compounding the seriousness of the situation is the panic created as the virus continues to spread, circumventing protective measures and making the unseen threat difficult to stop.

Oh, and I’m not referring to the Covid-19 pandemic, but the sheer impact and scale of damage that a cyberattack can cause.

Our responses to coronavirus and to cyberattacks are quite similar: both invoke panic against a threat that can’t be seen, understood, or seemingly defended against.

Just earlier this year, cybercriminals attacked a water treatment plant in Florida, and the attack would’ve released higher levels of sodium hydroxide into the water supply. If one employee hadn’t spotted this, there would’ve been a dangerous level of the chemical in Florida’s drinking water. This is just one example of how cyberattacks can be just as dangerous as human viruses.

The current pandemic has highlighted how our human response in a time of crisis is reactive to external factors, and how heavily reliant we are on global supply chains that are ill-equipped to operate effectively under such circumstances.

In times like these, we should pause and take note of the key lessons we can learn from the global response to the Covid-19 pandemic that can be applied to improve our resilience to future cyberattacks.

A good place to start is by linking the response characteristics shared between the pandemic and cyberattacks.

Education and training

Early reports indicate that due to the impact of the coronavirus, there has been a sixfold increase in social engineering attacks, exploiting people working from home in unfamiliar working environments using unfamiliar systems.

Coronavirus education focuses on the basics of good hygiene and social distancing practices. In parallel, organizations need to educate and prepare employees, as they are now, more than ever, the first line of defense against a cyberattack.

Visibility: Detection and Tracking

One element of Covid-19 that has made it particularly aggressive is the fact that it can be easily passed on by a person who shows no signs or symptoms.

In the digital world, there is no system defense against a zero-day attack. An infection can spread between connected systems on the network without exhibiting any evidence of compromise. This allows attacks to spread rapidly and remain undetected by the host for weeks or indefinitely.

Studies have revealed that coronavirus may lie dormant, returning in previously infected patients and continuing to be infectious for significant periods of time.

Similarly, a cybercriminal can design a cyberattack that re-infects systems, even after they’ve been ‘cleansed’. Even if malware is detected on a system, it may still re-emerge at a later time.

To battle the spread of Covid-19, testing centers have appeared across the globe. However, testing rates have remained consistently low, limiting the ability to effectively test for and map the spread of infections.

In the digital world, this challenge is again replicated.

Few organizations are equipped with fit-for-purpose detection capability to monitor their associated networks for compromise. This lack of visibility will be exploited by a cybercriminal to hop from device to device and move laterally across a network.

Under both circumstances, the responses to stop the spread are surprisingly similar. For Covid-19, a range of activities from social distancing and testing through to community awareness and education were implemented. The timing of the implementation was key in achieving a rapid reduction in infection numbers.

Likewise, defense against a cyberattack includes basic network hygiene combined with understanding your network, through tools such as anti-malware, regular patching, and vulnerability identification.

It is important to prioritize a timely response to minimize the impact of a cyberattack on your enterprise.

Resilience is critical to success

Covid-19 highlighted the world’s dependency on global supply chains that, when stretched beyond capacity, hindered our ability to respond effectively.

By comparison, our reliance on overseas components and expertise to meet cybersecurity requirements introduces vulnerability through dependency on global supply chains.

In response to Covid-19, there has been a shift in society’s mentality, and prevention has become a vital part of seeing the back of the pandemic.

We can’t predict the future, but we can learn from our past and educate people, integrating procedures and technology.

Our focus needs to be directed towards building sufficient capability to respond in a timely manner to the next crisis on the horizon, minimize its impact, and recover strongly.

Is the next crisis going to be another pandemic? Or will it be a cyberattack on our critical infrastructure impacting water supplies and electricity grids? Whether the invisible attack is in the digital world or the physical, if the pandemic has taught us anything, it is that we need to work on preventing it and act now.

Glenn Murray is the Chief Executive Officer at Sapien Cyber. Glenn has extensive experience in the management of multi-million dollar projects in the identification and application of ICT solutions across the oil and gas, mining, heavy vehicle manufacturing, defense (Electronic Warfare), and telecommunication industries. His military background and focus on national security have built a passion for cyber security and protecting the world we live in. As CEO of Sapien Cyber, Glenn’s vision is to provide world-class cyber security solutions to critical infrastructure industries globally.
