Businesses risk becoming “collateral damage” in nation-state cyber wars

Revelations that North Korea is using “widespread and increasingly sophisticated” cyber attacks to steal money highlight the risk of collateral damage from nation-state attacks – with one security expert warning that businesses are so highly interconnected that they run the risk of becoming targets if they don’t co-ordinate cybersecurity defence with partners and other stakeholders.

Recent Reuters accounts of a confidential United Nations report suggested that North Korea has managed to steal up to $US2 billion ($A2.9b) to fund its military development by leaning on “widespread and increasingly sophisticated” cyber attacks.

Those attacks, which targeted more than 35 banks and cryptocurrency exchanges in 17 countries, highlighted the increasingly volatile state of nation-state attacks – which run the increasing risk of affecting connected but unrelated organisations.

“You don’t want to be the splashback from an attack on somebody else,” Shawn Henry, a former FBI agent who now serves as president and CSO of CrowdStrike Services, recently told CSO Australia. “But because all of the networks are connected, the danger is very high for that to happen.”

That risk had also elevated because “much more brazen” adversaries “either are not afraid of being detected, or don’t think they are going to be detected,” he said. “And even if they are detected, they don’t believe there is going to be any type of retribution or accountability.”