Ein Bild, das Gebäude, Screenshot, Wolkenkratzer, Blau enthält. Automatisch generierte Beschreibung

Beyond the Firewall: Cyber-Attacks and their Impact on National Security

Every 39 seconds, a cyber-attack occurs, that is 2,244 times a day on average. This is an increase of 67% since 2014, according to Accenture [6]. The rapidly changing landscape of international affairs underscores the importance of cybersecurity as a key for national security, diplomacy, and national defense. What does the term cybersecurity refer to? According to IBM, cybersecurity refers to any technology, measure or practice for preventing cyberattacks or mitigating their impact [1]. These attacks range from conventional computer viruses to the sophisticated and financially ruinous malware. [1] The consequences of cyberattacks are becoming ever more dreadful for all three, individuals, organizations, and institutions. According to IBM’s recently released “Cost of a Data Breach 2023” report, the average cost of a data breach in 2023 surged to a staggering USD 4.45 million, marking a 15% increase over the last three years [1].

In response to evolving security challenges, the European Union (EU) is bolstering cyber resilience and enhancing cyber security and defense capabilities. The updated EU Cyber Defense Policy Framework (CDPF) aims to support the development of cyber defense capabilities among member states while reinforcing the cyber protection of EU security and defense infrastructure, all while respecting national and EU legislation [2]. Recognizing cyberspace as the fifth operational domain alongside land, sea, air, and space, the successful execution of EU missions hinges on maintaining uninterrupted access to secure cyberspace. This necessitates robust and resilient cyber operational capabilities [2].

In Switzerland, the military unit responsible for cyber defense categorizes broadly cyber threats and actors into five levels. The complexity of the attacks and the required expertise increase from the bottom to the top. The forms of cyber threats can be classified into the following categories: Vandalism, Activism, Criminality, Terrorism, and Conflict. [3] The following figure 1 stems from the official Swiss website, vtg.admin.ch.

Ein Bild, das Text, Screenshot, Schrift, Design enthält.Automatisch generierte Beschreibung
Cybermenaces et acteurs : groupes d’acteurs et motivations

Within the cybersecurity domain, attacks called Distributed Denial of Service (DDoS) frequently raise attention, underscoring the significance of understanding how they work. [5] A DDoS attack represents an evil effort to disrupt the normal flow of internet traffic to a specific server by flooding it with data from multiple sources. These attacks pose a substantial threat to various online resources, ranging from banks to news websites, and create major obstacles in ensuring access to vital information. Picture a DDoS attack as a digital traffic jam, paralyzing the server and causing disruption like a gridlocked highway. [5]

In the battle for cybersecurity, cyber-attack maps have emerged as precious weapons, providing insights to be ahead of cyber threats. These maps offer a visual representation of how cyber threats unfold globally, highlighting the interactions of mischievous packets between nations. [4] Figure 2 demonstrates such a cyber-attack map.

Ein Bild, das Screenshot, Text, Digitales Compositing, 3D-Modellierung enthält.Automatisch generierte Beschreibung
Norse Cyber-attack Map [4]

Although cybercriminals carefully target some of these attacks, the majority are coordinated by botnets disrupting crucial infrastructure and dismantling computer systems in major organizations. [5] Cyber-attack maps offer a dynamic visual representation of the origins of many cyberattacks, revealing insights into the changing cyber threat landscape [4].

Within the cybersecurity domain, Arbor Networks stands as a leading name among cyber-attack maps, with a primary focus on monitoring DDoS attacks across the globe. The insights provided by the Arbor Networks ATLAS® global threat intelligence system result from a comprehensive analysis. While the statistics on this map are refreshed on an hourly basis, users can also delve into historical data sets, offering a multifaceted perspective on cyber threats and attacks. [5] Check it out here: https://www.digitalattackmap.com.

Ein Bild, das Text, Multimedia-Software, Software, Grafiksoftware enthält.Automatisch generierte Beschreibung
Arbor Networks ATLAS® cyber-attack map

In the effort to pinpoint countries with strong capabilities in guarding against cyber threats, the Global Cybersecurity Index (GCI) delivers a comprehensive assessment. Developed by the International Telecommunication Union (ITU), the GCI serves as a survey measuring a state’s dedication to cybersecurity, ultimately aiming to raise awareness about the importance of this field [7]. The GCI assesses nations across five key areas: legal, technical, organizational, capacity building, and cooperation [4], [7].

The 2020 report showed the following ranking of the top 10 countries worldwide that scored highest in the five areas for being a cyber secure nation [8]:

Ein Bild, das Text, Screenshot, Zahl, Schrift enthält.Automatisch generierte Beschreibung
GCI Results – Global Score and Rank

Switzerland ranks place #42 and shows the following results:

Ein Bild, das Text, Diagramm, Screenshot, Reihe enthält.Automatisch generierte Beschreibung
Switzerland – Results

Meanwhile, dedicated to my Austrian readers, Austria ranks among the top 30 with place #29 and displays the following results:

Ein Bild, das Text, Diagramm, Screenshot, Reihe enthält.Automatisch generierte Beschreibung
Austria – Results

In the sphere of international cybersecurity, several pivotal agreements play a crucial role in shaping the landscape of digital defense. The Tallinn Manual on the International Law Applicable to Cyber Warfare, while not legally binding, stands as a significant guide, providing comprehensive principles on the application of international law to cyber warfare [9]. The Paris Call for Trust and Security, with its nine principles, underscores the importance of global collaboration in the face of escalating cyber threats [10]. Simultaneously, the Budapest Convention on Cybercrime serves as a foundation for fostering international cooperation in fighting cybercrime [11]. These agreements collectively contribute to the establishment of a framework that addresses the complexities of the digital domain, emphasizing the need for unified efforts to safeguard the integrity of cyberspace on a global scale.

As we conclude the National Cybersecurity Awareness Month (NSCAM) in October, it is crucial to emphasize the lasting significance of cybersecurity awareness in our digital space. The focus of NSCAM 2023 and its “Secure Our World” initiative is directed toward advocating four fundamental behavioral practices essential for individuals to adopt in their online engagements [12]. First, it is imperative to prioritize the use of robust passwords, complemented by the adoption of a password manager for improved security. Secondly, individuals are strongly encouraged to activate multifactor authentication as an additional layer of defense against unauthorized access. Thirdly, it is important to stay alert and quickly report any phishing attempts. Finally, the significance of consistently updating software is underscored as a proactive measure to address vulnerabilities and enhance the resilience of digital systems. By adhering to these key practices, individuals actively contribute to the collective endeavor of fostering a secure digital environment [12].

Jennifer-Marieclaire Sturlese
Cliquez sur la photo pour plus d’articles !

[0] Cover Picture: https://media.licdn.com/dms/image/D4E12AQH6a_9JgutaAg/article-cover_image-shrink_600_2000/0/1680708881416?e=2147483647&v=beta&t=jck_V9DDYXNRfyJoEwmIkIsBzIzm1Wutr9ckUsYhG0k

[1] https://www.ibm.com/topics/cybersecurity

[2] https://www.european-cyber-defence-policy.com

[3] https://www.vtg.admin.ch/de/aktuell/themen/cyberdefence.html#7-regeln

[4] https://www.cyberdb.co/top-10-countries-best-prepared-cyber-attacks/

[5] https://norse-corp.com/map/

[6] https://www.accenture.com/us-en/insights/cyber-security-index

[7] https://www.itu.int/en/ITU-D/Cybersecurity/Pages/global-cybersecurity-index.aspx

[8] https://www.itu.int/epublications/publication/D-STR-GCI.01-2021-HTM-E

[9] https://www.cambridge.org/core/books/tallinn-manual-on-the-international-law-applicable-to-cyber- warfare/50C5BFF166A7FED75B4EA643AC677DAE

[10] https://pariscall.international/en/

[11] https://www.coe.int/en/web/cybercrime/the-budapest-convention

[12] https://staysafeonline.org/programs/cybersecurity-awareness-month/


Dans la même thématique, la rédaction vous propose les articles suivants :

Tackling Fears Related to AI


Protection des données : Enjeux et perspectives