Your Company is the Target of Today’s Cyberwars by Adam Adler
Updated: Oct 21, 2020
Concerns over Russia’s meddling in the US election have made it abundantly clear that state-sponsored cyberattacks have advanced to a new level. Any one of us, by virtue of our personal or professional associations, can become a target of a hostile country’s online skullduggery. Though we all bear some responsibility for securing our digital lives, the bulk of our online self-defense lies outside our control, in the hands of the companies controlling our data. Protections for civilians caught in the crosshairs now need to evolve, as well.
Cyberwarfare refers to the use of digital attacks -- like computer viruses and hacking -- by one country to disrupt the vital computer systems of another, with the aim of creating damage, death, and destruction. Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.
A shadowy world that is still filled with spies, hackers, and top-secret digital weapons projects, cyberwarfare is an increasingly common -- and dangerous -- feature of international conflicts. But right now the combination of an ongoing cyberwarfare arms race and a lack of clear rules governing online conflict means there is a real risk that incidents could rapidly escalate out of control.
Ransomware, which has been a constant source of trouble for businesses and consumers, may also have been used not just to raise money but also to cause chaos. Perhaps one of the most unexpected twists recently has been the use of weaponized ransomware to destroy data.
When North Korea attacked Sony Pictures in 2014, it was seen as nothing less than a foreign power’s assault on freedom of expression. “We cannot have a society in which some dictator someplace can start imposing censorship here in the United States,” said President Barack Obama at the time. In retaliation, the US imposed new financial sanctions and may have caused a blackout of North Korea’s internet. That was just an early hint of what was to come.
Since then, a purported hacking collective known as Fancy Bear, which several security firms believe receives support from the Russian government, has racked up an impressive record of high-profile attacks. Beyond hacking the Democratic National Convention and the German government, Fancy Bear also appears to have gone after private companies and individuals. It has compromised the French TV station TV5Monde; several people associated with Bellingcat, the citizen-journalist group that investigated the downing of a Malaysian plane over Ukraine; and, in late October, many Microsoft customers.
So perhaps it’s no surprise that Microsoft is feeling sensitive to the actions of state-sponsored hackers.
Under Smith’s plan, a Digital Geneva Convention would “commit governments to avoid cyberattacks that target the private sector or critical infrastructure or the use of hacking to steal intellectual property.” He argues that governments need to step up because global tech companies have been drafted as “first responders” to the assaults of digital spies and saboteurs. In his post, he cites a 2016 case in which Microsoft identified a nation-state-sponsored group that was conducting attacks using internet domains with names that spoofed the trademarks of companies. (Though he chose not to name the group, the example bears a striking resemblance to the Fancy Bear incident mentioned above. Microsoft declined to comment.) Smith says that Microsoft has worked with a federal court to take down 60 domains associated with nation-state attacks in 49 countries.
But tech companies cannot fight this war alone. That is why Smith’s plea has already generated some buzz. Eugene Kaspersky, a prominent Russian cybersecurity expert and head of Kaspersky Lab, hailed it as a “historic” call to action. US cybersecurity experts also praised Smith for calling attention to the need for protection against nation-state cyberattacks, but almost in the same breath noted that a Digital Geneva Convention would be hard to execute.
“He wants governments to agree to lay off the internet,” says Bruce Schneier, a security technologist and author of the blog Schneier on Security. “I think it’s a great idea because I do think we need norms for what is off-limits. But the devil is in the details, and there are a lot of details.”
For example, Smith calls for an independent organization to hold countries accountable for cyberattacks. No existing body even attempts that, says Herbert Lin, a senior research scholar for Cyber Policy and Security at Stanford’s Center for International Security and Cooperation. The next best thing might be a pledge that Obama and China’s President Xi Jinping made in 2015, promising that “neither country’s government would conduct or support cyber-enabled theft of intellectual property.” Two months later, that agreement led the Group of Twenty to affirm the same principle.
A cynical “Game of Thrones” saying comes to mind here: “Words are wind.” But if you don’t ever say the words, you can’t start shaping behavior.
“There’s general consensus that the Obama-Xi agreement has achieved some desired outcomes — such as acceptance of the norm of no direct or indirect government support of cyber-enabled theft of IP or economic data,” says Amy Chang, a cybersecurity researcher at the Harvard Kennedy School. “That alone is a benefit of agreements like this one.”
Leading tech companies don’t actually need governments in order to take a stand themselves. Their independence has the effect of moderating government actions to some degree, says Scott Borg, director of the US Cyber Consequences Unit, a nonprofit research institute. “Major tech companies are supplying the world, not just one country,” Borg says. “So it’s very important that they be as neutral as they can and maintain as high a level of trust as possible. They need to do that as a service to the world and, of course, to protect their business.”
In the end, a “Digital Switzerland” might be the smartest way for tech businesses to claim the moral high ground. But even Switzerland, while neutral, has never renounced its arms. Tech companies may soon find themselves embracing a similarly armed neutrality.
Adam Adler is a serial entrepreneur with over 18 years of experience all at top-level management and ownership. Primarily investing his own capital and building brands from the ground up. At the early age of 4, Adam began his tennis career at the world-renown Rick Macci Tennis Academy in South Florida. Adam remained a highly ranked Junior Tennis player for his entire junior career. Once completing high school, Mr. Adler received a scholarship to play tennis at the University of South Carolina and graduated in 2007 Magna Cum Laude from USC, double majoring in Sports & Entertainment Management and Business. While at USC, Adam began his career by developing a patented algorithmic software as the base for his social networking company, Ultimate Social Networking Inc (USNI), and developing Ultimate College Model, seeing this to acquisition. Adam’s love for completion never waned. Adam began playing poker in his free time and quickly became entrenched in the game, studying hours a day. Adam traveled around the country playing in some of the highest stakes No Limit and Pot Limit Omaha cash games in the world. Adam has made multiple World Series of Poker Final Tables, with his most notable finish coming in 2018 with a runner-up finish in the$10,000 Turbo Event. Adam has won millions of dollars in both cash game and tournament poker over the last 15 years. Adam’s second venture began with assembling a team of the best molecular scientists, mostly Merck and Amgen biochemists and formulators, and building out a multi-million dollar, 30,000 sq. ft. FDA/cGMP approved facility in Oxnard CA. This is where Adam’s passion for biotech really began. His sports background allowed him to take this brand and bring in global icons around a strategic marketing plan activating the world’s most iconic athletes and celebrities. Adam developed this revolutionary technology in 2009. Using sublingual, buccal mucosal, and transdermal absorption directly to the bloodstream, by-passing the GI tract, Adam’s company Fuse Science completely changed the way consumers receive vitamins, electrolytes, nutrients, and medicines. Going direct to the bloodstream, bypassing the GI Tract, the platform technology was a game-changer. Adam self-funded this company privately for over 2 years, developing the product line and securing the IP. As Chief Executive Officer, Adam grew the company rapidly, seeing its market cap increase from $500,000 to over $100,000,000. Adam put together one of the most impressive lists of athlete partners on the planet, signing Tiger Woods (including the rights to his bag for 5 years), Andy Murray, Tyson Chandler, Paul Pierce, Big Papi David Ortiz, Jose Bautista, Arian Foster, Paul Rodriguez, and many others. Adam’s deep-rooted relationships with the world’s top athletes and celebrities are his core group of friends along with business partners. Adam's handpicked a Fortune25 management team, hiring the President of SC Johnson, CEO of Footlocker, Chief Scientific Officer for Johnson & Johnson, Clinical Director at Merck, Head of Duke Sports Medicine, and had over 100 employees. Adam brought Daymond John and Shark Branding in as partners as well. Adam has placed products in over 100,000locations, including Walgreens, CVS, Sports Authority, Dick’s, Duane Reade, 7-11, GNC, Walmart, Target, Costco, Vitamin Shoppe, and many others. Mr. Adler is currently managing The Adler Fund, investing in real-estate emerging growth companies with a focus on cybersecurity, cannabis, and biotechnology.