On Feb. 10, experts from the United Nations released a report detailing cyberattacks potentially sponsored by North Korea. The hackers targeted the American and South Korean healthcare industries, as well as their critical infrastructure.
The attacks above are classified as ransomware. Ransomware is malware, or malicious software, that holds the target’s files up for ransom by encrypting the content of the files. The target must pay a certain amount of money to retrieve the files back, usually in cryptocurrency. While ransomware can encrypt virtually all the files on the target’s device, hackers tend to encrypt files that contain personal or sensitive information that can be leveraged for a ransom.
These recent attacks are one of many that wreak havoc on international industries. According to IBM, the average cost of a ransomware attack is approximately $4.54 million, not including the actual paid ransom. This does not begin to include the mental toll on the victims when their personal information is leaked on the internet. Cyberattacks, regardless of type, are on the rise, leaving chaos in their paths.
Despite the devastating harms caused by these attacks, most people view cybersecurity as a strictly technical field, evoking images of the genius teenage hacker typing away in a dark basement. Yet, cybersecurity is more than just lines of code, as it affects all aspects of our digital lives.
The digital world is intrinsically connected to our daily lives, but the lack of understanding and norms on how nations, organizations, and individuals should interact in cyberspace creates a cyber “wild west,” which leaves us in a vulnerable position. Without people and educational institutions engaging with both the technical and human side of cybersecurity, the cyber world will only continue to grow wild.
Take the SolarWinds hack in 2020 as an example of the negative impacts of these attacks. This cyberattack affected hundreds of companies, a few government agencies and thousands of individuals. Hackers exploited a regular software update conducted by the Texas-based software company SolarWinds. The hack only worked in specific conditions: the victims had to download the software update and deploy it, and their network had to connect to the internet so the hackers could communicate with their devices.
Already, the technical lens of the attack raises huge concerns for the digital security of the victims. Yet, only focusing on the technical side of cybersecurity ignores a crucial piece of the story — according to the White House, the hack was supposedly directed by Russia’s Foreign Intelligence Service. There could be geopolitical ramifications as the attack coincided with historically tense relations between Russia and the United States, notably during the 2020 U.S. presidential election. Financially-motivated attacks seem rather simple: the attackers hack for money and possibly chaos. On the other hand, the motives for a politically-related attack are more diverse, such as espionage, damage to infrastructure or even multiple motives at once.
In fact, it is hard to investigate a politically-motivated cyberattack. Despite advancements in cybersecurity, tracking down the perpetrators of politically-motivated cyber attacks is incredibly difficult. It requires experts to rely on previous hacks, key signatures from different hacker groups and even the technical prowess of the attack itself. This facelessness in the digital world often leads to a lack of accountability. The ability to deny brings so many questions to the surface about cyberattacks, especially questions about the intentions and ramifications of politically-motivated ones.
For example, with both the SolarWinds and the recent healthcare attacks, would they be classified as acts of war? Some may define a cyberattack by a foreign government as an invasion or destruction of cyberspace, which can be comparable to a physical invasion and a valid act of aggression. Yet, is the cyber world completely equivalent to the physical world? What do we do about cyberattacks and digital spying happening within our own country against our own citizens, usually minority communities? This becomes even more tricky when the personal data of thousands are leaked from these attacks, leaving many vulnerable to identity theft and other cyber harms.
This brings us to the biggest question: what exactly are we doing in cyberspace? Unfortunately, there are only more questions than answers. The cyber realm’s lack of structure, as we see with the ambiguity of motivation in cyberattacks, as well as the covertness of these attacks, leaves us frozen in our tracks when an incident occurs. Sure, institutions and individuals may have a security plan to help defend their systems, but that excludes the human aspect of cybersecurity. This cyber “wild west” allows for the continuous infliction of harm to individuals and organizations.
Shreeya Parekh is a contributing writer for The Review. Her opinions are her own and do not represent the majority opinion of The Review staff.