Cyberspace is the environment in which interactions over computer networks occur. It encompasses the internet, the telecommunications network, computer systems, and the associated controllers and processors.
Cyberspace is a global common like other global commons such as air, sea, and space. It is a shared resource that does not know geographical boundaries. The boundlessness is a boon as much as it is a bane.
The unrestricted sharing of information has made the world come closer digitally though it has created virtual walls–influenced by the divided interests of stakeholders–that inhibit the true nature of global cyberspace.
At the mercy of geopolitics, global cyberspace has become a political arena for shaping geo-tensions.
The warriors fuelling the fire are cybercriminals–a bunch of sponsored hackers–that leverage the vulnerabilities in geopolitics to foster their ‘under the rug’ activities.
Throughout 2022, geopolitical tensions have been exacerbated by hacktivists and other cyber threat actors. Cyberattacks have accompanied and complemented kinetic military action in these instances to undermine resistance and defence capabilities against invaders, influence foreign policies, and support the aggressor’s strategic goals.
Since the Russia-Ukraine conflict began, cyberattacks have evolved drastically. Tactics targeting critical infrastructure have plagued the cyberwar landscape.
Passing the baton from governments to corporations
Large corporations are equal victims of this menace. Global companies are spread across geographies sharing one cyberspace.
The impact of cybersecurity incidents can cascade from organisation to organisation and across borders. The risks this creates are potentially systemic, often contagious, and frequently beyond the understanding or control of any single entity.
Cyberattackers leverage geopolitical tensions to hunt for targets. However, in the wake of the changing geopolitical landscape, the character of cyber threats has changed. Cyber-attackers are more likely to focus on business disruption and reputational damage.
Political disruptions in or between countries also provide a fertile ground for cyberattackers to take advantage of the vulnerabilities that help launch the cyber attack.
In cybersecurity, attackers have a structural advantage: they need to find only one exploitable weakness across an organisation. It means attackers have less ground to cover than a defender and the attacker can often adapt faster than organisations can defend or recover.
Cybersecurity experts are themselves only beginning to grasp the extent and consequences of the technological interdependencies created by their organisations. These changes range from the increased dependence on shared IT services to the creation of communication services on Earth that depend on “constellations” of software-enabled satellites in space.
43% of organisational leaders think it is likely that in the next two years, a cyberattack will materially affect their own organisation. In turn, it means that, in many cases, enterprises are devoting more resources to day-to-day defences than to strategic investment.
The role of media
News headlines have drawn leadership attention to shifts in the cyber landscape. Most business leaders are now conscious that new technologies are evolving quickly and that cyber attackers will exploit this.
They understand that geopolitical tension is rising in most regions and cyber attackers are changing their targets. Cybersecurity regulations have become a more prominent factor in compliance and board-level conversations across many regions.
74% of organisation leaders say that global geopolitical instability has influenced their cyber strategy ‘moderately’ or ‘substantially’. Business continuity (67%) and reputational damage (65%) concern organisation leaders more than any other cyber risk.
Efforts are being made to strengthen internal policies and processes as well as to increase the effectiveness of cybersecurity controls with third parties. A lack of policies governing this critical man-made global common–cyberspace–poses a serious risk.
How does new-age tech incubate new-age threats?