Industry Thought Leadership

CyberSecurity Is No Longer The Keyword, ‘Survivability’ in a Geo-Poli-Cyber™ Threatened World Is

June, 2019
Khaled Fattal
Chairman, MLi Group & Creator & Producer ‘Era of the Unprecedented’ Investigative Program

MLi Group

Today, traditional cyber strategies are failing on daily basis and at an unprecedented scale. Deloitte, Equifax, Yahoo, Marriott, Maersk, and Cosco are giants that discovered the hard and expensive way they were not immune to cyber threats. The WannaCry Ransomware attack on May 12, 2017 singly hit more than 150 countries. All this reflects on a seismic shift in the global cyber and non-cyber threat landscape, must prompt industry players and governments to re-consider and re-prioritize industry and the government sector to prioritize their understanding of cyber threats and to add and devise new strategies.

With Resiliency, Continuity & Cyber Security strategies & solutions failing to defend and protect governments & organizations on unprecedented scales from financial, ideological, terrorist, and politically motivated cyber-attacks, answers to two key questions are of critical importance: First, how do you secure your National or Corporate security, let alone safeguard your effective ‘Survivability’? Second, how can sector leaders, such as Telecom, convert these unprecedented & devastating cyber & non-cyber threats into unprecedented Competitive Advantage Opportunities today & for the 21st Century?

Unprecedented Damage & Cost - Lessons Still Unlearnt
In October 2016 the Mirai botnet delivered the largest DDoS attack ever. It shut down Twitter, New York Times, PayPal and hundreds of others and was highly likely to have “Geo-Political” motivation. Yet, not even a ransom was demanded.

Yahoo’s 1 Billion user accounts hacked in 2013 got revised to 3 Billion Shortly after. As a result, Yahoo’s acquisition price was reduced by Verizon by a massive $350 Million following this hack

In October 2015 TalkTalk, the UK telecom company suffered a cyber-attack at the hands of three teenagers who hacked it to impress their peers. MLi estimated the hard cost of the hack to be in excess of £250 million.

In January 2019 a British hacker was jailed for a commercial cyber-attack on a telecom operator paid for by a rival which took Liberia offline. If a paid hacker can devastate a business & shut down a country, just imagine the carnage an ‘ideological’ or destruction motivated cyber terrorist or national enemy can do to the economy and security of your nation state.

And a host of other politically-motivated cyber attacks have also surfaced over the past several years.

Naming the Threats to Mitigate Their Impact
Poli-Cyber™ & Geo-Poli-Cyber™ are MLi Group created labels in 2012-13 to identify and differentiate them from traditional financially motivated cyber attacks; they represent a new direction in political, ideological, ‘religious’ and destruction motivated cyber attacks that we predicted long before they became the daily devastating occurrences of today.

These labels were created to define new threat vectors that can cause devastation on unprecedented scales and to offer solutions to mitigate them that did not previously exist.

It is a fact, if you cannot name the threat you cannot mitigate the threat. Therefore, we identified Geo-Poli-Cyber hacks as attacks perpetrated by a new breed of local, regional & global political, ideological, ‘religious’ and destruction motivated cyber hackers.

Geo-Poli-Cyber™ attacks are those perpetrated, directed, or inspired by extremist groups, national security agencies, rogue states, proxies, among others.

Direct Looming Threats to Sector Players such as Telecom Operators
Another looming threat to many sectors and ecosystem players, including digital service providers and telecom networks, will challenge national telecom authorities worldwide. The imminent prospect of Internet services being deployed from satellite by global private sector players will bypass local authorities and challenge traditional telecom models, revenue streams, customer retention and loyalty like never before.

For some, this might prove to be a lost cause in the making. But for others who are truly forward-thinking and who start building new strategic relationships that can offer new and compelling solutions and services their individual and corporate customers do actually need will increase their chances of mitigating these threats successfully. In fact, doing so will set them on course to thrive competitively in the 21st century.

Lack of Priority and Prompt Action are the Worst Enemies
Each one of the facts below should have triggered a need for serious change in mind-sets, strategies and solutions at national and corporate levels, but they haven’t yet systematically.

Irrefutable Facts:

  1. Cyber attacks are breaching organizations & governments daily, globally & at unprecedented scales
  2. Politically-Motivated cyber hacks with the aim to change the political & economic directions of nations are now routine occurrences
  3. Destruction-Motivated new breed of cyber terrorists are on the rise
  4. The up-scaled sophistication & intensification of cyber criminals is ever growing
  5. Technology, AI, Machine Learning & IOT are evolving at breakneck speed – law enforcement can’t keep up
  6. Artificial Intelligence is being weaponized
  7. Current resiliency, continuity and cyber security strategies and solutions are failing governments and organization too routinely
  8. A 16-year-old can hack a government, a hacker can shut down a city or a country, and they have.

Alarmingly, the aggregate of all these facts and lack of proportionate strategic change make the new threats even more critical and imminent.

Rise of the New Breed of Cyber-Terrorists
The Geo-Poli-Cyber hacker is a new breed of destruction-motivated cyber-terrorists, with a political aim to change the economic and political direction of nations.

These players are a critical and alarming new dimension in an already extremely challenging global threat landscape. While conventional financially motivated cyber-attacks continue to increase in their frequency and grow in sophistication, the new Geo-Poli-Cyber attackers are even more threatening.

They are not interested in your customers’ bank details or in disrupting your service for a ransom; financial gain is not their primary motivation. They simply want to cause maximum damage. They want to cause devastation or even the destruction of their targets including infrastructure networks, multinational companies and state-owned assets.

Destroying a target creates publicity to boost morale amongst their followers, strengthen their global recruitment drive, and inspire followers to wage similar attacks. The higher the national or corporate brand or profile of the target, the greater the publicity they stand to gain.

Leadership Considerations to Survive & Thrive Competitively
With resiliency, continuity and cyber security strategies and solutions failing to protect and defend on unprecedented scales, nation-states and corporate leaders must re-consider the security strat-egies they are currently following. These are the same strategies and solutions that continue to fail governments and corporations on daily basis. They must get modified, appended to, or changed, with a great sense of urgency, and before the next breach happens, when it becomes too late.

What must national and organizational leaders start considering urgently starting at the strategic level?

For nation-state leaders, a national Cyber-Survivability Strategy with a Specifically Formulated & Accelerated Legislative Road Map & Plan is necessary.

Similarly, for corporate leaders, a corporate Cyber Survivability Strategy with a Specifically Formulated & Accelerated Implementation & Operating Plan is fundamental to surviving in the new digital age.

Tough questions leaders you must ask of themselves
While more and more governments and organisations today operate online, virtually all are still relying on traditional cyber strategies that are failing daily and cannot defend against these new attackers. Failing to adapt not only to the increase in number and sophistication of attacks but the new motivations of Geo-Poli-Cyber hackers is an existential risk even for the biggest organisation.

Leaders of organisations and governments must ask themselves some very hard questions about their true readiness in this changed threat landscape and seek answers, and solutions before it is too late.

Fundamentally they must understand how to test or ‘Audit’ their current plans’ effectiveness in mitigating the emerging Geo-Poli-Cyber threats that could cripple or devastate them.

How do they safeguard their continued existence in a competitive market place? How do they secure their effective ‘Survivability’ and remain a competitive player?

Turning Unprecedented Threats into Competitive Advantages
Front Line Service Providers (FLSP), such as Telcos, who adopt new business models, strategies, solutions and services, as well as their corresponding policies and narratives to implement on themselves to help them mitigate latest 21st century Geo-Poli-Cyber threats can in parallel offer them to their stakeholders to do the same. This will not only be very rewarding financially short and long term, but they can also help them attain the ultimate competitive edge.

Forward-thinking FLSP leaders with the right mind-set and who can acquire the right strategies, solutions, services, tools, will discover how to convert these unprecedented threats into 21st century competitive advantages with cutting edge innovative services and solutions they would implement on themselves as well as offer them to their customers and stakeholders.

Unique Leadership Opportunities for Telecom Sector Players
Telecom operators that aspire and desire to turn these unprecedented and still unmitigated 21st century Geo-Poli-Cyber threats into competitive business advantages, new revenues, and to become more relevant to their customers and the nations they belong, can do so by aligning themselves through strategic partnerships to offer never-before-considered Cyber-Survivability Security Strategies, Solutions and Services.

Ideally, telco leaders will then be in a position to adopt and implement new solutions and services on themselves, as well as, offer them to their consumers and corporate clients through a uniquely developed MLi platform specially designed to better mitigate the 21st century financial and devastating Geo-Poli-Cyber motivated threats and attacks to achieve:

  • Security of infrastructure against latest cyber & non cyber threats
  • 21st century Geo-Poli-Cyber Data analytics
  • Testing of infrastructure as well as consumer and corporate set up
  • Continuous testing and updating of the infrastructure of the Telco
  • Continuous testing and updating on customers infrastructures & offered services
  • AI enhanced data analytics offerings to clients leveraging the client’s own data, with their consent, to help clients better secure their Cyber-Survivability and mitigate the changed global cyber and non cyber threat landscape
  • Compliance with current and future government regulatory requirements, by offering customers new services, solutions and tools
  • Continued relevance among telecom operators to their customers but also to their nation’s cyber Survivability & security
  • Increased customer base, market share, loyalty and reduction in customer churn, while delivering short to long term competitive edge and market advantages

A Cyber-Survivability™ Strategy is Unavoidable
Today, with the seismic shift in the global cyber & non cyber threat landscape, top decision makers and boardrooms need to stop focusing on cyber-risk and start looking into ‘Survivability risk’ & Cyber-Survivability. They must now urgently address how to survive the new Geo-Poli-Cyber attacks capable of devastating governments, nations and organizations and impacting people’s daily lives all over the world.

Determining the ideal Cyber-Survivability Strategy™ for any stakeholder starts with a new mind-set among leaders across public and private sectors and direct engagement with the MLi Group.

If you can’t answer these questions and are not implementing a comprehensive Cyber-Survivability strategy and some if not all its solutions and services to append or replace existing cyber security or information security plans, your national and corporate ‘Effective Survivability’ is at significantly high risk.

Local & Global Digital Economies under Unprecedented Threats Unless…
In April 2019, I was the guest of the UN WSIS 2019, where I spoke at the high-level panel on the global digital economy & trade which was very well received by many government and business leaders. But I fear neither enough leaders are fully aware of the grave and unmitigated cyber threats nor, for the most part, their exists a good understanding of the ways to mitigate them locally and globally. US$29 trillion is the size of the global digital economy today and it is under unprecedented cyber threat and constant attack. As robust as it may appear, it is however such a fragile ecosystem that any attack on it or disruption to it can have devastating consequences on people’s daily lives locally and globally.

To continue “as is” or with the same mid-sets, modalities, and business models is a recipe for disaster. Furthermore, to depend on current models of government legislation to mitigate these threats is wishful thinking at best because these legislative models are too archaic and cannot help in defending the states and and their inhabitants and stakeholders from Geo-Poli-Cyber attacks, which can devastate a business or a nation state without a single military target or critical national infrastructure being targeted.Front line service providers (FLSP) such as telecom operators, ISPs, law firms, etc., have a unique role in the society today at many levels. Any cyber threat materialized on any one of these or similar service providers has drastic implications on the well-being of the entire society.

For those who are still not convinced or compelled that “CyberSecurity is No longer the Keyword – Survivability is”, or that “Survivability in a Geo-Poli-Cyber™ threatened world” does not need to be the new top priority and focus, may heed the following words:

“Adapt or die”: Vint Cerf.
“It takes 20 years to build a reputation and five minutes to ruin it. If you think about that you’ll do things differently”: Warren Buffet.

Once compelled, true leaders don’t hesitate to act in taking the first step when an unprecedented opportunity to acquire the ‘competitive advantage’ in the 21st century stares them in the eye.