Strength in numbers: why collaboration is key in digital warfare

Jim Tiller is the Harvey Nash Group CISO; he is a recognized cybersecurity expert with over 25 years in the industry, operating in the boardroom and at a technical level. He recently spoke to David Savage, Group Technology Evangelist, as part of the Tech Talks podcast series. Here, David summarizes key points from their conversation, whilst the full interview will be published on Tech Talks on Tuesday 15th March.

We are now over two weeks into the crisis in Ukraine. In that time we have witnessed the awful cost of war; communities reduced to rubble and a flood of refugees seeking safety in neighboring countries.

Each day brings new, visually arresting reminders of the tragedy conflict delivers.

However this conflict is not two weeks old. It can be charted back before 2014 when Crimea was annexed, and it’s constantly evolving. Numerous strikes carried out in cyber-space. 

As a technology commentator I must admit I was embarrassed at my level of ignorance concerning the cyber attacks carried out against Ukraine over the past decade.

I was left asking whether the nature of these previous attacks could have helped equip Ukraine and the West to better prevent the events we now see unfolding.

So I picked up the phone to Jim Tiller, the Harvey Nash Group CISO (Chief Information Security Office) to ask him to share his insight and expertise; how is cyber changing the nature of war, what’s our response and what comes next.‍

Could we have seen this coming?‍

In 2017 a devastating attack on Ukraine’s financial system was launched using the NotPetya malware; famously Maersk was affected, causing days of huge traffic jams in New Jersey.

Whilst that might seem trivial in the circumstances, it highlights how the impact of such a devastating attack was felt far beyond Ukraine, despite 80% of the infections happening there. Jim’s concern is that we didn’t learn enough from the attack.

“When we look at what’s happening today, whilst we haven’t seen that leakage, NotPetya was a seminal moment and that was five years ago. One could argue there was a lot to learn from that experience and strengthening of infrastructure.”

Jim characterized the mood of feeling as “it’s just cyberwar”, drawing parallels with deaths on our roads; tens-of-thousands die every day but we don’t talk about it. 

However, that may be changing. In January this year around 70 Ukrainian government websites were taken down in an attack known as Whispergate.

The international response was significant, with the EU deploying a cyber rapid-response team, and Microsoft sharing technical analysis on the tools and techniques used. ‍

It’s time to flex our muscles‍

“This will change how we view warfare in the future. Cyber is now on the frontal-lobe of everybody, whether you believe what’s happened so far is impactful or not.”

Governments did respond to NotPetya, but greater progress can be made via relationships built with the private sector. Whilst there is some pre-formed resistance in place, it’s time “to start building muscles and connective tissue”. 

DORA (the Digital Operational Resilience Act) is one example of that strengthening. Government agencies are collaborating and that promises to raise expectations of resilience across EU financial institutions, minimizing the impact of ransomware in the future.

Multi-factor authentication and segmentation is also increasingly being built into cloud environments and infrastructure, making sure the level of security needed is more readily attainable.

The events in Ukraine are a watershed moment in cyber, leading to a rapid acceleration of policy creation and adoption, and an increase in the availability of technology and tools. ‍

“High tides raise all ships”‍

We have to ask ourselves what our role is in cyber warfare. 

“There is so much we can accomplish by getting the basics right.”

It costs so much more in sophistication and money to make weapons as effective as our defenses, highlighting the impact we can have if we work together.

The community is coming together to help realize the basics; companies like CrowdStrike and Cloudflare are making free services available to help organizations who are struggling to get it right.

Our response to the awful events unfolding in Ukraine has to be rooted in collaboration.

Government agencies can’t act alone but can bring the private sector together. Alongside collaboration we have to do our best to implement the technology we have today correctly.