TECH4GOOD
Is cyberspace the next war frontier? We have heard numerous stories of state-sponsored cyberattacks carried out against unfriendly countries inflicting serious damage on their infrastructures. Some of those attacks did not involve the use of well-organized and largescale operations as shown by the lone hacker based in North America who was able to take down the internet infrastructure of an infamous Asian autocratic nation last year. Is the Philippines ready to take on a cyberwar with another country?
Wikipedia defines cyberwarfare as the use of cyberattacks against an enemy state causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation, or economic warfare. They may be carried out for strategic or military purposes or even destabilization when election results, for example, are compromised.
The consequences can be terrifying and may even carry out the risk of nuclear escalation. Of course, the Philippines is not in a position to use nuclear arms to retaliate. What if the attacked country responds aggressively against the wrong party? The risk of escalation from state-sponsored cyberattacks has never been greater making our quest for global peace more convoluted.
A country does not have to be a great military power to carry out a cyber war. The weapons are relatively cheap to develop and use as long as the technical know-how is there. The cyber weapons that are being used today, however, are much more sophisticated compared to the I-love-you virus developed by a Filipino kid some decades back. A common characteristic among these weapons is their capability to inflict much harm stealthily making it so difficult to see where the attack is actually coming from. Examples of high-profile state-sponsored cyber weapons used in recent years include Sunburst which targeted a software company contracted by a government, the Wannacry ransomware, and the Stuxnet worm used to disrupt the nuclear program of a Middle Eastern country.
How should we defend against a state-level cyber-attack? Contrary to what many people believe, defending against cyber war does not just involve making our government’s digital infrastructure resilient. It is a serious threat to both individuals and organizations as well. This means that putting up our defense wall will have to start with the individuals applying the necessary cybersecurity best practices. Security awareness and training are critical to raising awareness about cyber threats and ensuring safe online behavior. This helps everyone recognize and effectively respond to potential attacks.
Organizations should monitor for suspicious activities and put in place incident response and recovery plans to quickly detect, respond to, and recover from attacks. Conducting regular vulnerability assessments and penetration testing would help identify vulnerabilities and the ability to simulate attacks to evaluate the effectiveness of defense mechanisms. They must also have a team in place or go-to experts to help them secure their cyber premises.
We are beginning to see the use of frontier technologies, such as behavior analytics, machine learning, and artificial intelligence to enhance the ability to detect and respond to sophisticated cyber threats. Coupled with implementing strong encryption protocols, these emerging tools can help ensure the resilience and integrity of digital systems and infrastructures.
Cybersecurity is a global issue and international cooperation is necessary to combat state-sponsored cyberwars. Collaboration among organizations, governments, and international bodies is crucial in establishing agreements and frameworks for threat intelligence, best practices, response coordination, norms, and enforcement. It can help, not only bolster defenses and deter attacks but also encourage accountability.
There is also the need to invest in our country’s cybersecurity research and development capabilities. That is crucial to making the Philippines stay ahead of emerging threats and develop new technologies to defend its cyberspace.
Our cyber defenses today are primarily handled by the Cybercrime Investigation and Coordination Center, an attached agency of the Department of Information and Communications Technology. This is the office that is responsible for the execution of the National Cybersecurity Plan.
Most global security experts say that defending against state-sponsored cyberwarfare requires a multi-layered approach that combines technical measures, organizational measures, and international cooperation. But a recent study was done by Armis, a global security firm, that says 33 percent of global organizations are not taking the threat of cyberwar seriously. Major powers, including those in Asia, have increased investments in their offensive cyber capabilities. They are reported to have created super cyber weapons in their arsenal to disrupt critical infrastructures anywhere and across nearly every sector. Our government and businesses across sectors should, therefore, start putting in place measures to counteract and mitigate these threats. [email protected]
(The author is the lead convenor of the Alliance for Technology Innovators for the Nation (ATIN), vice president of the Analytics Association of the Philippines, and vice president, UP System Information Technology Foundation.)