Cybersecurity has long flown under the radar of governments worldwide. Hackers are set to cost countries across the globe $6 trillion in the next two years, dwarfing the economic impact of natural disasters. And the energy industry could be hit the hardest.
It’s not just small-timers sitting in a basement asking your grandmother for bitcoin, either.
Independent and state-sponsored hackers alike are increasingly targeting major financial institutions, critical infrastructure and other points of support that make the world go round.
Financial firms are already on edge, suggesting that ‘cyber risk’ is the largest threat to the broader economy.
The Bangladesh Bank Heist is a prime example of the threat presented by criminals looking to take advantage of security flaws in some of the world’s most used financial systems.
In 2016, hackers launched a series of attacks on the global SWIFT payment platform, falsely submitting instructions to transfer over $1 billion, and while most requests were shot down, the cyber group still managed to get away with over $100 million.
But bank heists are only a small piece of a much bigger puzzle.
Attackers have also stolen credit cards, frozen ATMs and even shut down the UK’s entire VISA network.
And it’s not always about money, either. Politics, both local and global, play a role in these moves.
Over the past several years, attacks on U.S. critical infrastructure has been steadily increasing. From oil and gas pipelines to nuclear plants, the threat is growing, and according to the U.S. Department of Defense, these attacks are likely to continue for the foreseeable future.
Countries like Russia, Iran and even North Korea are arming themselves with teams of digital aces to go on the offensive. These agents work in the shadows and energy infrastructure is quickly becoming a prime target.
There’s a modern-day spy novel being played out in the depths of the web, and the game is just heating up.
The issue is so complicated, in fact, that just recently a two-year-long investigation between the US National Security Agency and the UK National Cyber Security Centre revealed that Russian-linked hackers had been piggybacking on Iranian hackers’ tools and infrastructure for years to run their own attacks.
The Online War For The Middle East Is Heating Up
With some of the largest oil and gas reserves in the world, the Middle East is not only a hotspot for geopolitical power plays on the ground, but also on the web.
A recent report from American cybersecurity firms Dragos and Dell’s Secureworks highlighted a new group codenamed Hexane. The group is said to carry out its attacks in a similar fashion to well-known Iranian hackers, though the cybersecurity firms were unable to make a clear identification of who was actually behind the group.
“The malware is in an early, immature age but it does include features we typically see in Iranian malware,” Rafe Piling, senior security researcher, Secureworks Counter Threat Unit, said. “But it’s by no means specific and someone could emulate many of these characteristics if they wanted to enter the domain.”
There is also some debate among cybersecurity professionals about the exact targets of the group. Hackers can go after information technology (IT) systems like desktop computers or operational technology (OT) systems like programmable logic controllers, computers designed specifically for industrial purposes like oil and gas refinement or manufacturing, but the two are ultimately connected regardless.
Although the Middle East is an active region for cyber threats, countries like Iran have a global reach. Earlier this year, Dragos identified a group named Magnallium which was targeting American government, financial, and energy companies.
With geopolitical relations already teetering on the edge, it’s safe to say that the world is in a delicate state…and one major attack could be the catalyst that sparks even more dramatic responses. Because of this, cybersecurity is more important than ever.
But are we doing enough to protect ourselves?