CYBER THE NEW FRONTLINE IN GEOPOLITICAL WRANGLING
Compliance professionals understand more than most the importance of robust cyber security to protect their firms. Yet in an increasingly complex and fraught geopolitical landscape, cyber security has taken on another dimension, the fallout from which has potentially enormous ramifications.
In July 2023, Italy’s cyber security agency reported that five Italian banks had been targeted by hackers. The banks were subject to distributed denial-of-service (DDoS) attacks which temporarily disabled some of their services, carried out by what the agency called ‘pro-Russian’ groups.
In the same month, Microsoft revealed that it had identified an attack by a hacker group based in China, which was undertaking ‘espionage activities’. The group accessed confidential information of individuals from 25 organisations, including US government agencies.
More recently, in August, the Financial Times reported on the Russia-based hacking group ‘Clop’, which openly advertises its ransomware services online. The group is named after a form of ransomware that encrypts data by amending a ‘clop’ extension on files that are encrypted.
Clop announced in June that it had identified a vulnerability in the software MOVEit, giving it access to information held by Zellis, a large digital payment provider. When this story was reported in the press, Clop became rather defensive. Not because they were denying their criminality, but because news reports had alleged that Clop had conducted its attack for political purposes.
Each of these examples are indicative of a broader trend of states seeking to disrupt, confuse or manipulate other nations with whom they are in open, or tacit, conflict through cyber attacks. The result is an odd mélange of geopolitics, old-fashioned criminality and high-tech chicanery.
Oct-Dec 2023 Issue
International Compliance Association