Explained like I'm 5 - cybersecurity in the current context

These views are my own - not the company I work for.

I decided to work for a company in the healthcare sector, a medical technology company for personal reasons. Because I believe in a company whose purpose it is to support doctors and patients: article 25 of the Universal Declaration of Human Rights includes the right to medical care. This is amplified by the current geopolitical situation.

In the cybersecurity community we are doing our part, 24/7. In this case, it means getting a perspective on the current global crisis to know where and how Cybersecurity professionals can support: in the course of the military conflicts in Ukraine and especially from the threat in cyberspace, potential threats also arise for Europe and the allies of Ukraine.

I will try to abstain from unnecessary pathos and political opinions but also my usual humorous writing style. I want to use this article to explain very shortly the theory behind and growing significance of cyberwar, embedded in the current context. Because this is a part of the current war you can't "see". But that doesn't make it any less real.

Cyber warfare - a new reality.

The current situation shows that imperialistic warfare with human beings in ground troops is (sadly) not yet outdated, but being supported in cyberspace through hackers – as Gabor Steingart put it: hybrid warfare is the bayonet of the present.

Cyber warfare means using computer networks and information technology to unleash attacks in cyberspace – and there is no definitive way to conduct it. Though some people have the misconception that it is literally adversaries shooting lines of code at one another, cyber warfare may involve attacking networks and systems in real-time, but also covert activities such as stealing information and sabotaging infrastructure. The actors in this case are not necessarily government bodies or strategically organized, they have a militia character and experience support from civilians on both sides - but hacking is always a crime.

Russia's cyber capabilities ....

Cyberconflict has a relatively short history, as it is rapidly evolving. One notion however has been established with great certainty and wide acceptance, namely that Russia has significant cyber capabilities and is willing to use them. What we have observed that these attacks have been targeted against Ukraine way before the physical invasion of February 2022. In 2015, Russian government hackers breached the Ukrainian power grid, leading to widespread outages and in 2017 Russia deployed malware via a Ukrainian tax software. This last virus spread across the globe, costing businesses millions of dollars (in damage and reputation).

... paired with Ukraine's position ...

This hits Ukraine in a vulnerable spot – the tech sector in the country has been booming for years:

1. in the past year alone, Ukraines IT export volume increased by 36% to 6.8 billion US dollars with approximately 100k people?working in software development and IT, making it the countries third largest export goods
2. tech expert Gartner has ranked it as the #1 Eastern Europe country for big companies to outsource coding to and
3. Ukrainian startups have invested 33 mio US dollars in the last year alone.

... in the current situation ...

This success is being crushed. In the past few weeks, Russian cyberattacks against Ukraine were textbook-ready: as early as February 23rd, Russian hackers attacked Ukraine with malware, a diversionary tactic targeting finance, energy and the IT industry by the name of “hermetic wiper”. These initial attacks aimed at throwing Ukraine’s administration back into the Middle Ages, their only goal: chaos. This was followed by attacks by loosely organized, elusive hacker groups, you can imagine it as scoundrels and marauders invited to plunder the enemy’s lost lands with the attacker’s approval.

Two opposing opinions currently circulate on the topic of this specific war and Russia versus Ukraine:

a) Since Russia has not shown signs of a truly sophisticated cyber attack, it seems less likely they have the capabilities to deploy if needed – and instead focus more on cyber weapons that cause less damage but are easier to contain.

b) Reports on activities in cyberspace are rapidly increasing, even German federal offices are warning of an aggravated threat situation.?

... and what this means going forward.

We currently cannot know which one will show itself as true – and therefore we all need to be vigilant, prepared, continue our cyber efforts and show a united front. Because there are 2 things we can certainly state as true:

1. we don't know how this specific conflict will end and
2. the risk of cyberwarfare will prevail
3. making cybersecurity exponentially more important.

Please be aware that this article is an extremely simplified explanation to give you a better theoretical understanding of a complex Cybersecurity topic - written by me as an individual to the best of my knowledge and ability. Please see the?Siemens Healthineers publications?for all?official?documentation.