Cyberwar vs Cyberwarfare - what does that mean to you?

Recently there has been a bit of discussion of the difference between Cyberwar and Cyberwarfare, while these seem similar on the face of it - it's important to understand the difference but also understand what this means in general to your security stance.

Definitions

Cyberwar:

The term Cyberwar tends to reference ongoing activity on the internet with malicious and criminal intent, this takes the form of Denial of Service (DOS) attacks, Ransomware, Viruses and Malware etc. against companies and individuals with the main motivator being financial gain.

Cyberwarfare:

This is a term being used to describe nation state attacks and activity where the intent can be to gain intelligence, compromise systems, shut down certain infrastructure or capabilities important to a country on a wider scale. The main motivators here can be murky and depend on which part of a foreign Government are conducting the operations, it can be solely intelligence based to retrieve information or insert information that helps their in country agents to do their job, or shut down critical parts of Government systems that may be seen as a threat - or as we are seeing in the Ukraine/Russia conflict - enabling military activity.

What does this mean for me?

Well I am making an assumption that Government agencies are not reading this for advice (if you are - please get in touch!) and that the audience for this post will be businesses or individuals who just want to get a simple breakdown.

Businesses

What this means for businesses will largely depend on what your size is, what your function is and whether you work with Government or Critical Infrastructure. General companies such as general shops, offices and services will likely need to continue to take the same precautions as always. Make sure you have secure passwords, up to date firewalls, software updates are applied and there is cybersecurity awareness training across your staff and enable MFA. These are the basics and you may need more depending on your size, but you are unlikely to be targeted in Cyberwarfare.

If your business is linked to the Government however, you may want to make a push to get certified to ISO27001, Essential 8 or other certifications that bring a high level of security. Some examples of businesses that may wish to look into this sooner rather than later would be:

• Energy companies

• Telco companies

• Universities with Gov research

• Companies with access to Government systems

• Medical companies (with patient data or ongoing important research)

• Security companies that look after Government sites

• Technology companies that supply Governments

• Other companies that supply Governments (Uniform supply, food supply, maintenance services etc.)

This list is not exhaustive but should give an indication if your business falls into this category.

Rapid uplift of your security posture can be challenging for sure, however with SecuriKiwi and our partners we can help get you there quicker with a much lower cost than going direct to companies. We can help tailor solutions around what you already have, your budget and skill level on site to make sure you get secure without the headache.

Individuals

Individuals generally don't need to change much beyond the usual advice:

• Enable MFA on all accounts

• Use secure passwords (consider a password manager)

• Distrust emails and calls unless you are expecting them

• Ensure you only contact a company on their listed site numbers (not numbers on emails)

• Keep your software updated (phones, tablets, PCs etc.)

The only thing to be aware of is phone calls or phishing for information, the last thing you want is to accidentally give someone the information they need to get into the company. You don't have to directly work for the Government to be considered 'a way in' - you just need to be adjacent and with some level of access or privilege that may be useful in Cyberwarfare. This comes down to distrust emails and phone calls, it can be worth adopting a secure approach - remove your name from your voicemail and stop answering the phone with 'Hello John speaking' as this can open a window for a malicious actor to start social engineering. If someone is legitimately trying to get hold of you, they will ask for you by name - if someone doesn't know your name then they should not be calling you.

Summary

In summary, just be aware, secure and keep up to date on the current news around ongoing threats in your country. These will vary regularly and by country or ongoing activity in the world.

If you're ever not sure - reach out to us and we will provide a free opinion on whether something looks suspicious or not.

If you're a business and want to discuss rapidly uplifting your security posture - get in touch! We can get a plan together and the ball rolling in relatively short order (depending on your processes).