What is the cost of nation-state threats?
By now you have heard of nation-state threats and how foreign governments used social media to interfere in both the 2016 and 2020 United States elections. The unfortunate reality is that the cyber dangers posed by such adversaries will only continue to grow. For example, did you know that 6.85 million accounts are hacked every single day? That amounts to an account every 158 seconds. No one is safe – neither governments, businesses, nor individual citizens.
Nation-state threats have already caused disruptions in critical national infrastructure, bankrupted companies, and even resulted in the death of a patient in a German hospital when doctors failed to access medical records during a ransomware attack. The cost of nation-state threats is beyond monetary. In this post, we’re going to look at some of the aftermaths or repercussions of nation-state threats on America.
Before we do that, however, let’s first define what exactly nation-state threat agents are.
Nation-state agents declassified
What is a nation-state threat agent? What is their aim or objective? And how do they operate?
A nation-state threat agent is either a quasi-government, state-sponsored or independent hacker group enlisted by a nation-state to subvert and or disrupt the operations of a foreign government, individual or organization.
Why do nation-state threat agents do this type of work?
Generally, it is done for geopolitical benefit, economic gain, and to access and subsequently steal or compromise another country’s intelligence information.
Nation-state threat agents differ from hacktivists and rogue hackers in that they are typically motivated by nationalistic views. For this reason, they very rarely openly claim responsibility for the covert operations they engage in.
Among the biggest nation-state threat agents in the world are China, Iran, North Korea and Russia, who have each been linked to major U.S. cyberattacks.
The most expensive ramifications of nation-state threat agents
Experts say the worldwide damage of cybercrime in 2021 will reach $6 trillion.
To give you perspective, if the value of cybercrime was taken as GDP, it would be ranked as the world’s third-biggest economy after America and China. By 2025, however, cybercrime is expected to cost the world $10.5 trillion.
For the United States, the expense of cyber felony is exponential as seen in the infographic below.
Not every cost of nation-state threats can be quantified numerically, however, so we’re going to look at an additional four effects of nation-state threats on the U.S.
Nation-State Threat Ramification #1 Influence of public opinion through the dissemination of false information
The 2016 and 2020 U.S. elections were some of the most hotly contested of all time because of the polarization of the general populace.
For the first time in history, a foreign nation managed to interfere with public opinion and sow discord like never before.
Leading social media platforms Facebook and Twitter were used by Russian state agents to influence and agitate voters.
And it’s not just the elections that nation-state threats toyed with but research is showing that fake profiles and trolls employed social engineering to psychologically trigger and divide Americans on sensitive issues regarding race and justice.
Nation-State Threat Ramification #2 Disruption and annihilation of small, medium, and large businesses
According to IBM, as of 2020, the average cost of an enterprise data breach is $3.86 million with the number of days it takes to identify said breach averaging 207 days.
For small businesses cyberattacks could signify their end as 60% of these companies close shop within 6 months of the incident being discovered.
Because nation-state threat agents have ramped up operations against U.S. businesses, CISOs now have to factor potential nation-state threats in their risk calculus and develop business continuity plans to sustain the company in the event of a breach.
From brand and reputational damage to loss of consumer trust, the cost of nation-state threats for businesses is colossal.
Nation-State Threat Ramification #3 Frustration and death of civilians when critical infrastructure is sabotaged
The average person is often caught up in the crossfire when nations are at war.
Simply because countries are disputing in cyberspace doesn’t mean this will not translate to the real world.
In fact, because of the connected nature of our lives, cyberspace happenings actually have a bearing in the physical world.
To give an example, when Russian state agents attacked the Ukrainian power grid infrastructure in December 2015, more than 230,000 residents of the Ivano-Frankivsk region of Western Ukraine were left in the dark during a harsh winter.
Not only did the hackers sabotage the substations, but they also disabled backup power sources making it incredibly difficult to restore power to residents in the affected area.
Also, in September 2020 in Dusseldorf, Germany, a 78-year-old patient suffering from an aortic aneurysm was turned away by a hospital because hackers had encrypted hospital systems in a ransomware incident. The subsequent delay in medical treatment stemming from the cyberattack contributed to the woman’s eventual demise.
Steps you can take to protect your business
So, what can you do to protect your business against these increasing nation-state threats?
The first step CISOs must take is to evaluate their company’s current risk profile.
With this done, a multifaceted and multilayered strategy can be crafted which should include robust business continuity and disaster recovery plans.
Cyber risk defences will also need to be updated regularly taking advantage of the best security solutions on the market such as Cybeta’s Threat Beta, Threat Alpha, and Overwatch systems all developed by U.S. Intelligence-trained experts.
Now more than ever before, businesses cannot overlook Zero Trust Networks. Every entity connecting to the company’s internal system needs to be evaluated and approved to ensure compliance and so mitigate risk. This is all part of vulnerability management.
As we have seen, the cost of nation-state threats on governments, businesses and ordinary citizens goes beyond the financial aspect.
There is a clear need to implement predictive, pre-emptive and powerful cybersecurity solutions to help reduce the risk of nation-state breaches.
If you would like to talk to a cybersecurity expert about tailored solutions, contact us for a consultation or additional information.