Last week in Florida, a computer hacker broke into the water system of the city of Oldsmar and tried to poison the supply by pumping in a dangerous amount of the chemical sodium hydroxide in to the water. US authorities are investigating the hack and even though it was averted and no damage done, it is an example of hackers’ growing powers to threaten governments and corporations around the world.
Since the invention of the internet 30 years ago, the rate of digitalisation has become so rapid, and the volume of connected devices so huge, that network security needs to be urgently ramped up to an equal scale so that they are effectively defended against such threats.
The US, once pre-eminent in cybersecurity, has now, under President Joe Biden, made it a priority to restore its global hegemony. Mr Biden has committed $10 billion towards strengthening America’s cyber security capabilities and appointed key people in those roles. Some observers say that his administration is the most cyber-savvy in history.
That Mr Biden is giving the matter such priority is of little surprise, according to Will Dixon, the cybersecurity lead at the World Economic Forum. Last year’s SolarWinds breach, which Mr Dixon says is “arguably the worst cyberattack in US history, given its scale” has recently underscored the risks in a stark manner.
More systemically, however, cybersecurity was the fourth biggest risk facing global policymakers and business leaders, as per a recent Forum report. In the last decade, it has consistently ranked as one of the most important strategic issues, Mr Dixon says.
At Idex, the defence exhibition and conference being held in Abu Dhabi later this month, cybersecurity will be prominent on the agenda.
In this region, governments and institutions are working hard to ensure readiness in the face of cyber risks. Last month, for example, the Central Bank of the UAE and the UAE Banks Federation conducted a cyber war gaming drill, which showed that the sector’s ability to defend attacks had significantly increased in the last five years.
Hackers are perhaps the modern equivalent of the bank robbers of Depression-era America. In the 1930s, as they looted one town after another, those robbers used the advent of the motor car and a growing network of highways to stay one step ahead of the authorities. Eventually, of course, law enforcement adapted and caught them. This time around we should expect the same, as defence capabilities and tools evolve to get ahead of hackers.
Globally, however, there remain challenges that might slow the response: regulation and strategies that diverge from region to region, the rising costs of cybersecurity, and concerns about robustness of the software, hardware and IT services companies that supply the industry, Mr Dixon says.
“The world is still, even now, at the beginning of its global cybersecurity journey, while progress has been made in improving cybersecurity across the ecosystem, the increased complexity, pace, scale and interdependence of the global economy on new transformative technologies, presents an ever-changing landscape. These technologies relate to AI, 5G, Quantum computing and digital identity, which will overwhelm many current defences,” he says.
A catch-22 situation that we’re in is another issue affecting how long it might take to nullify the threat of the hacker. We must develop increasingly sophisticated digital tools to counter an enemy that is evolving equally rapidly. That trend feeds on itself. For example, the need to have offensive capabilities in the battlefield proliferates digital tools and strategies.
British security services jammed ISIS drones as part of a major covert cyber operation against the terrorist group, Jeremy Fleming the UK’s surveillance chief told Sky News this week. How long before ISIS works out how to jam British drones in a similar manner, now that they have seen how effective a strategy it can be?
In the digital arena, weapons that give you an edge today could be the same ones used against you by an enemy hacker in the future.
Maintaining an advantage in cybersecurity – whether by a government or a corporation – requires a continuous evolution and improvement in capabilities. And so, the cyber-arms race goes on, with both sides upping the ante until the level of defence reaches a point where it becomes too time-consuming and expensive for a hacker to even attempt an attack. Much like how the bank robbers of 1930s America were put out of business. This point can be reached in reality, and the blockchain technology behind Bitcoin, for example, which utilises decentralisation and full transparency to create an impossible to hack system, proves this to be the case.
Until then, and because we are ever deepening our reliance on technology, we cannot switch off. We cannot lower our cyber defences even for a second. The hacker, meanwhile, can pick and choose when and where to strike.
Mustafa Alrawi is an assistant editor-in-chief at The National
