The escalation of cyber attacks against critical infrastructure in the United States was brought up by President Joe Biden with President Vladimir Putin in their Geneva summit last month — raising the profile of what has emerged as a major global security concern.
The New York Times reports that he handed to Putin a list of 16 areas of “critical infrastructure” such as power grids, water distribution systems and “the working of the Internet itself” prepared by the US Department of Homeland Security and warned that crossing this red line would warrant a retaliatory attack.
On the fourth of July, Agence France Presse reported a ”supply chain attack” by hackers versus a huge number of victims with a single blow against Miami-based firm Kaseya, an IT service provider for some 40,000 small and medium-sized businesses worldwide. While this attack did not cross the red line, Biden has emerged from the White House Situation Room mulling immediate options purportedly aimed at delivering a clear message to Russia: Putin must act to stop cyber-attacks originating from Russian territory.
Cyber-attacks may be compared to the 9/11 terrorist assault, according to the Director of the Federal Bureau of Investigation (FBI). The US President’s national security adviser said that the use of ransomware has become a top priority. Attacks on the Colonial Pipeline created an oil shortage in the US East Coast and forced the shutdown of JBS Foods, the largest meat processing plant accounting for 20 percent of beef supply.
Cyber attackers blackmail victims after stealing confidential and sensitive information. Targeted aside from large companies in the US are law enforcement agencies, emergency medical services and 911 assistance dispatch centers worldwide.
Closer to home, ASEAN countries mirror a rising tide of concern. In Singapore, 96 percent of all businesses have reported a data breach. The Philippines was flagged as the most vulnerable country to cyber threats in Southeast Asia in 2018 and 2019 while being ranked seventh globally, according to research by cyber security firm Kaspersky. In terms of cyber threat detection, the Philippines ranked 64th in 2019, compared to 74th in 2018.
Recall that in May 2013 a large-scale breach of the Commission on Elections’ voter database set off serious alarms on the security of government ICT installations. The Comelec downplayed the incident by saying the database is publicly accessible anyway and that the security of the automated election process was not compromised.
Since then, the cyber security landscape has changed significantly, forcing governments to intensify efforts to protect data integrity. A National Cyber Security Plan 2022 that seeks to attain a “trusted and resilient infrastructure” guides the Philippines’ Department of Information and Communication Technology (DICT).
As the pandemic has triggered a massive shift to online purchase and delivery of food, groceries and staple household needs as well as banking and business transactions, much more needs to be done to assure the citizenry that their privacy and the integrity of technology-mediated activities are adequately safeguarded.