Cyber security can still feel vague for many people whose knowledge is often limited to malware and ransomware. However, from a risk perspective, the threat of cyberattacks to individuals, businesses and the government is wide-ranging and has grown exponentially in the last few decades. Current geopolitical and economic conditions, specifically those tied to the conflict in Ukraine, have increased cyber risks as nation-state actors continue to orchestrate more prolific cyberattacks against other countries. Preparing for these risks has challenged insurers and businesses through safety protocols, frequent assessments and evolving industry-wide mitigation strategies.
Is the threat of escalating cyberattacks real?
Simply put, the threat is very real. In April 2022, Microsoft released an in-depth report “detailing the relentless and destructive Russian cyberattacks we’ve observed in a hybrid war against Ukraine.” The Microsoft report described how, for the first time in history, the world observed a conflict where a nation’s “use of cyberattacks appears to be strongly correlated and sometimes directly timed with its kinetic military operations targeting services and institutions crucial for civilians.”
In the weeks and months leading up to Russia’s military offensive into Ukraine, multiple cyber security researchers identified highly destructive malware suspected of being from Russian nation-state actors. While destructive malware is not new, the volume of new malware that masquerades as ransomware before deploying its destructive phase is most concerning.
Ransomware continues to be a booming business. With any new piece of malware, there are unique deployment and infection vectors that raise tension for companies and governments as they work to strengthen their cyber practices. While security professionals are tracking and mitigating risks, there is no guarantee that highly sophisticated and dangerous nation-state-originated malware will stay contained to the geographical regions of their intended targets. This malware may be obtained and modified by other nation-states, criminal hacking groups and various malicious actors to create new variants for nefarious, profitable gain. As companies improve their security posture and data protection methods, criminal groups continually look for proverbial bigger sticks to carry to coerce companies into paying ransoms.
Impact of the conflict in Ukraine on cyber recovery efforts
In addition to the organized weaponization of cyberattacks, the current conflict in Ukraine has affected an already sluggish supply chain system of technology parts. The global microchip supply suffered significantly during the COVID-19 pandemic, while the demand for devices using microchips soared overnight as people began to rely more on digital communications. The shortage worsened immensely with the conflict in Ukraine. Microchips require specific lasers in their manufacturing process, and one of the materials critical to operating those lasers is semiconductor-grade neon. Two Ukrainian companies supplied approximately half of the world’s semiconductor-grade neon to the global marketplace. When those companies shut down following Russia’s invasion of Ukraine, 50% of the global semiconductor-grade neon disappeared from the manufacturing pipeline. Experts predict that if the Ukraine conflict continues to drag on, it will likely further affect the broader supply chain and the ability to manufacture products that use microchips.
That means if large-scale, destructive cyberattacks occur, victims may be unable to buy or source enough devices to get back online. Additionally, there is concern about inflationary prices associated with this scenario. A potential destructive cyberattack could effectively shut down essential services and businesses for weeks or months in a world where most of our day-to-day tasks have become digitized.
Broader connectivity of risks
We live in an increasingly connected world, with more complex and often unrecognized connections across firms than ever. Increased market concentration, paired with these connections (including shared technologies and third-party service providers), can result in a single or near-single point of failure. In any industry, this could create a correlated, systemic cyber event.
As more organizations purchase cyber insurance (47% in 2020, up from 26% in 2016), cyber insurers are reviewing their portfolios to determine their exposure to evolving categories of systemic risk and taking steps to ensure solvency should a systemic cyber loss occur. A 2018 Lloyd’s of London study modeled a potential insured loss of $19.49 billion resulting from a five- to 11-day outage at one cloud provider. That’s nearly double the estimated annual cyber insurance premiums of $8 billion to $10 billion, so it’s clear why insurers are concerned.
Next step for cyber insurers
Aon’s Cyber Security and Supply Chain white paper suggests the following strategies to mitigate the effects of a cyberattack.
- Ensure cybersecurity teams are up to date with existing threats
- Ensure a disaster recovery plan and assess supply chain redundancies for devices, identifying alternative sources of devices in case of an emergency
- Confirm an incident response plan and run tabletop exercises to prepare for the worst-case scenario
- Maintain good cyber practices, including:
  - Have sufficient network segmentation
  - Arrange off-site and offline backups
  - Use endpoint detection and response (EDR) solutions
  - Employ internal monitoring
  - Implement phishing prevention
  - Mandate cyber security awareness training for all employees
Additional services to consider include:
- Conducting a Threat Hunt or Adversary Simulation—both of which can help detect a malicious actor lurking in your system before a breach
- Implementing procedures to minimize credential theft, prevent account abuse and secure internet-facing systems and remote access
- Considering risk transfer solutions, either through traditional cyber insurance or other alternative methods
Cyber risks are not limited to global conflict and will have a major impact on all stakeholders. But mitigation techniques and partnerships with strategic consultants such as Aon will help as we ride out the latest risk management issues.