Morten Kjærsgaard, Heimdal Security: “cybercrime performed by state actors is a strong way of funding attacks”
Because of the war in Ukraine, rates of state-initiated cyberattacks skyrocketed to impossible heights, with a big part of them focused on acquiring further funding for on-land warfare.
This brought on not only new cybersecurity challenges but also undeniable growth in the cyber sector. With small and large businesses being excessively targeted by cybercriminals, everyone scrambles to get some sort of cyber insurance, either financially or by building strong defense systems.
Do you believe the war in Ukraine is going to boost the cyber sector's growth?
Absolutely yes, and for multiple reasons. First of all, we already see governments across Europe and the United States pushing businesses to do more about their cyber defenses. Some also have financial incentives to do so.
Furthermore, businesses across Europe and the United States are naturally inclined to protect their commercial interests, and with the highly elevated digital threats from Russia, there is a natural drive to increase their cybersecurity posture. Personally, I expect a 12-15% acceleration of the cybersecurity market over current CAGRs.
What are your predictions for the global cyber insurance market?
We have seen that the cyber insurance market is reasonably reactive from the customer side. But with the growing number of attacks, I am, however, absolutely certain the cyber insurance market will also pick up as a result of the war in Ukraine and the increased activity from malicious actors. This will happen with a 2–3-month delay compared to businesses' own spending.
In your opinion, how will the war in Ukraine affect the B2B sector? Should companies take extra steps to protect their nearshore and offshore assets?
A cyber or IT problem can swiftly turn into a commercial concern. Practicing business continuity plans is a crucial step that businesses should take right now. What would it be like to work in an analog or pencil-and-paper environment for a few days, weeks, or months? Although everyone wishes to avoid such a scenario, consider what you would do if your IT systems went down. How would you track your inventory, manage your accounts, or interact with your staff and partners if your IT systems went down?
There can be no discussion here. Businesses need to increase their desired levels of protection with immediate effect. Attacks have soared and are likely to increase further. IT departments across Europe are under elevated pressure and as cybercrime performed by state actors is a strong way of funding attacks, businesses really need to be alert. It’s all about thinking proactively here.
While it seems like threat actors are mostly targeting institutions or companies, what should average individuals in Russia and Ukraine be vigilant about? What measures should they implement to enhance their cybersecurity?
The best defense is their own knowledge because the main route of attack at the moment is fraud. Fraud can be really hard to spot and almost impossible to protect against without a security product.
Have you noticed threat actors take advantage of the war in Ukraine to run new online scams or phishing tactics?
That’s an understatement! Although some cybercriminals are trying to help Ukraine, this all-hands-on-deck situation doesn’t impress the ones who try to profit. The scams related to the Russia-Ukraine war vary from “Help, help, I’m stuck here!” to “We need your support now more than ever!” People need to be very careful to whom they send their money if they want to donate and businesses should make sure that every employee recognizes the tell-tale signs of scams and phishing.
In your opinion, how will new strains of malware and ransomware be used in warfare? Who do you think will be the main targets?
Personally, I think there are 3 main routes here.
First of all, there is no doubt that both the EU and US, as well as Russia, will be looking to gain an intelligence advantage about what the other party is thinking and doing. Hence, state actors will be looking to penetrate individual country intelligence streams to gain valuable insights into what the opposition knows about their actions.
Secondly, it’s clear that Russia in particular needs a way to fund the war. Therefore, all US and European businesses are, unfortunately, viable targets for financial extortion or fraud.
Lastly, there is the infrastructure route, where actors on both sides will be looking to slow each other down by heavily crippling the IT infrastructure for the other party. Attacks can be both state-targeted and large enterprises-oriented (banks, for example) when these companies are important to a country.
How do you think the war between Russia and Ukraine affected the approach to cybersecurity when it comes to warfare?
Historically, wars were fought with tanks, planes, and people, but increasingly up through the 2020s, the picture has obviously shifted to heavy digital support of land-based warfare. The cybercrime approach is used both to slow down and/or cripple the other party, both financially and infrastructure-wise. It has the potential to be truly effective. In this context, cybersecurity becomes even more important, especially for the states involved in the conflict.