Geopolitical Cyber Threats and Business Operations

Understanding geopolitics contributes greatly in predicting the international behavior towards global issues that may have an effect on its national and economic security.

In this respect, every nation will continue to decisively protect its national interests and welfare which in turn will always be accompanied by possible geopolitical conflicts and tensions. Accordingly, it is of no surprise that the cyber front is becoming a centralized landscape for state sponsored confrontations. Not only because cyber-attacks can be easily cross-continentally conducted by a small number of personnel in contrast to conventional warfare, but also, such attacks usually represents a higher degree of attribution difficulties.

This is evident from a recent global threat 2019 report by Carbon Black, where it was noted that modern cyber-attacks are becoming “increasingly fueled by geopolitical tensions” and that global governments in 2018 experienced an increased cyber-attacks stemming from China, Russia and North Korea. 

Accordingly, cyber-attacks should no longer be perceived as acts with only technical, financial and legal implications, but also with a clear political, social and cultural dimensions that should be seriously considered in any effective cyber preparedness plan.

While many businesses may consider geopolitically influenced cyber-attacks as a threat to governmental entities, no matter their size, businesses and private sector entities should view themselves as a key target for such attacks. In this regards, almost half of the information security professionals surveyed during this year’s RSA Conference believe that when geopolitical decisions are made, cybersecurity ramifications are not taken into serious considerations.

The criticality of the situation can be further evident from a recent PwC Survey released in March 2019, where it was found that 72% of worldwide CEOs indicated that their company may be affected by geopolitical cyber activity. 

Though businesses may perceive cyber-attacks as actions with outcomes limited only to sabotaging network systems or exposing customers information for monetary gain on the dark web (which is often the case), in context of the continuously evolving geopolitical conflicts landscape, the bigger picture should be viewed. That said, businesses must realize that any given nation can be targeted with systematic economic and industrial cyberespionage campaigns by its adversaries.

These campaigns aim to undermine a nation’s capabilities and economic prosperity by theft of its trade secrets, proprietary information and intellectual property data. In this regard, businesses and private sector organizations can be the main victims of cyberespionage campaigns due to their key role in contributing to the innovativeness and development of the countries they operate out of.

According to the 2018 Foreign Economic Espionage in Cyberspace report by the United States National Counterintelligence and Security Center, when it comes to industrial espionage, cyberspace remains the preferred operational domain for foreign threat actors. Having the latter mentioned in mind and regardless of their origin, businesses (especially those with cross border operations) should:

  1. Continuously monitor and evaluate the international political scene as well and how might certain geopolitical decisions affect a nation where a firm may have business operations in. This would allow the firm to predict or at least mitigate any probable cyber risks associated with state backed cyber-attacks with the purpose of espionage. 
  2. Continually readdress their overall international operations practices and business architecture with regards to identifying their critical assets (data) and how it is used in every part of its international operations chain. In doing so, firms may find certain data localization points where it is crucial for the firm to eliminate as well as reengineer their international operational process with the aim of minimizing the flow of their sensitive data.
  3. Based on the previous point, some businesses more than others might be urged to heavily invest in encryption technologies in attempt to further protect their sensitive data.
  4. Evaluate the physical business travels of their key employees to certain destinations where it is likely that they fall in to being a victim of foreign cyber surveillance program, and hence, increase the probability of employees devices hijacking which might possibly give a privileged access to the firm’s network via the employees work laptop or smartphone.
  5. Evaluate its BYOD (Bring Your Own Device) strategy and whether frequently travelling employees should be allowed to bring any of their personal tablets, phones or laptops to the workplace and have access to the firm’s network.

While many businesses might think of data security with regards to international compliance and regulations which are primarily emphasized on the protection of customers personal and financial information (and customers healthcare information which is also the case for businesses in the healthcare industry), our aim of increasing geopolitical cyber threats and cyber espionage campaigns is to highlight the critical need of data protection pertaining to the business’s intellectual property and proprietary information.

Without doing or realizing the need to do so, businesses would probably lose its competitive advantages which may include patents, copyrights, internal business plans, manufacturing plans and trade secrets.

Mohamed ELDoh, MBA. is the Director of International Business Development at United Investment- Egypt & a Business Doctoral student at Grenoble Ecole de Management, France.

What’s Hot on Infosecurity Magazine?