OTTAWA, ON (June 22, 2021): Recent cyber attacks on the US Colonial Pipeline and JBS Foods are a reminder that cyber aggression has become a persistent problem in our daily lives. Canada will remain vulnerable to these attacks if we do not take action now.
In a new MLI commentary titled, “Everyone together now: Creating a resilient society in an age of cyber threats,” author Elisabeth Braw dives into the reality of cyber aggression, outlines how such attacks will only increase as societies become more dependent on digital technology, and details how we can become more resilient to the challenges posed by cyber aggression.
The 2020 Cyber Readiness Report found the share of companies affected by a cybersecurity event had fallen from 61 percent to 39 percent. However, Braw warns that the decrease of cyber attacks indicates that these attacks have become more calculated and in turn have a greater impact by not being quickly detected.
According to Braw, the infamous 2017 attack against Ukrainian critical national infrastructure is a good example of an immensely successful cyber attack, hitting critical infrastructure such as banks, hospitals, airports, and power companies. The government estimated that due to this attack, 10 percent of all active computers in the country were wiped out. Yet the attack did not end there, eventually hitting shipping giant Maersk, pharmaceutical leader Merck, FedEx’s European subsidiary TNT Express, the French construction leader Saint-Gobain, and others.
This attack was not an isolated incident. Last year’s SolarWinds attack was a phenomenally successful intrusion that, according to Braw, “reached 425 Fortune 500 companies, the top 10 US telecommunications enterprises, the top five US accounting firms, the State Department, the US Department of Defense, other government department or agencies, and a large number of universities and foreign government agencies.”
In order to prevent these kinds of attacks, societies need to bolster their cybersecurity networks, foster greater awareness on the ever-evolving methods of cyber attacks, and increase the consequences for cyber aggression. As Braw notes, “failed deterrence, as we have seen, has enormous implications.”
Braw points to Estonia, Latvia and Lithuania – countries that remain in the crosshairs of cyber intrusions from Russia – as key examples of societies that have increased their resilience efforts and formulated cohesive cybersecurity strategies. The three countries have not only taken steps to implement legislation to combat cyber aggression but have employed a whole-of-society approach involving civil society and the private sector.
While forming a united resilient front will not completely prevent all acts of cyber aggression , it would represent an important step as the need for cyber resilience will continue to grow as societies become more technologically advanced. This cannot be done solely by governments, but by the collective actions of governments, societies, and individuals.
“Resilience is vital because it absorbs the blow of cyber aggression, thus both limiting the harm and signalling that cyber aggression is not a worthwhile undertaking,” writes Braw.
To read the full commentary, click the button below.
Elisabeth Braw is a resident fellow at the American Enterprise Institute (AEI), where she focuses on defence against emerging national security challenges, such as hybrid and grey zone threats.
For more information, media are invited to contact:
Communications and Digital Media Manager