#IRISSCON: Understanding the Reality of Cyber Threats to Improve Defenses

Understanding the true nature of cyber-threats is critical in enabling organizations to protect themselves, according to Ciaran Martin, Founding CEO of the National Cyber Security Centre and Professor, University of Oxford.

During a session at IRISSCON 2021, Martin said it is important to be more realistic about the true threat cyber-attacks pose to society. For example, he had recently re-watched the classic movie WarGames, which “set a tone about the catastrophization of cybersecurity in a way that just doesn’t match reality.” In WarGames a hacker could set off a nuclear war, and Martin commented: “nothing remotely like this has ever actually happened” in the 38 years since it was released.

In reality, the vast majority of threats are “small scale,” impacting individual organizations. Martin then set out the three main categories of cyber-threats:

1. Getting Robbed

Cash theft – this can range from scamming individuals online to large-scale bank heists
IP theft
Data theft

2. Getting Weakened

Espionage – this normally involves nation-states accessing and stealing confidential data about governments and major organizations. A recent example of this is the SolarWinds attack in 2020.
Political interference – this encompasses a range of tactics, including hacking to ferment political discourse and leaking data about political figures e.g., Hillary Clinton in the 2016 Presidential election.
Prepositioning – this is where threat actors intrude into key systems, ‘implanting’ themselves on a network. Martin said this often occurs during times of peace, ensuring that should tensions escalate between nation-states, there is the capability to undertake espionage activities or launch attacks.