June 20, 2024
Stéphane Duguin, Chief Executive Officer of the CyberPeace Institute, said that the Institute is an independent and neutral non-governmental organization in Switzerland that offers free cybersecurity assistance, provides threat detection and analysis and advocates for respect of laws and norms in cyberspace.
Since the 2022 invasion of Ukraine by the Russian Federation, the Institute has documented a proliferation of threats and threat actors siding with both belligerents.
“Warfare is no longer the sole preserve of States,” he said, noting that a range of non-State actors, from criminal groups and hacktivist collectives with geopolitical motives to other civilians, are taking part in cyberattacks and operations. The Institute traced 3,225 cyberattack campaigns by 127 different threat actors, targeting 24 different critical infrastructure sectors and affecting some 56 countries. The harm caused by these cyberattacks is felt far beyond the borders of the belligerent countries, with about 70 per cent of all cyberattacks impacting organizations in non-belligerent countries.
He reported that in February 2022, a cyberattack by the “AcidRain” malware targeted Ukraine’s broadband satellite Internet access. It impacted the functioning of wind turbines across Europe. A major German energy company lost remote monitoring access to over 5,800 wind turbines, and thousands of satellite Internet service subscribers in Germany, France, Hungary, Greece, Italy and Poland were also affected. Cyberattacks are also used to evade international sanctions and finance illegal activities. Citing the activities of the Kimsuky and Lazarus groups that have been attributed to the Democratic People’s Republic of Korea, he said that “these criminal groups coordinate global cyberattacks of all types”, including against supply chains, cryptocurrency exchanges and financial institutions. More than $3 billion is estimated to have been gained by these groups through these attacks. “Such an escalation of State-sponsored cyberattacks can create massive harm,” he said.
It is therefore important to foresee new risks, he said, citing the threat of quantum computing on cryptography and generative AI on criminal models. AI might be used to automate part of a cyberattack, which could bear “an unacceptable risk”. He said that responding to fast-evolving cyberthreats through a coherent strategy is complex, outlining some measures to be taken, including operationalizing laws, norms and sanctions through the transparent documentation of violations to prevent the malicious use of cyberspace, including the misuse of AI or quantum computing. He also stressed the need to call out perpetrators.
“There cannot be de-escalation without attribution,” he said, as it can inform decision-making about countermeasures. It is also imperative to measure harm from cyberattacks comprehensively. The Institute is developing a methodology to measure such harm. “These aspects are critical to maintaining international peace and security, cooperating in solving the escalation of cyberthreats and harmonizing the actions of nations,” he concluded.