Cybersecurity Defense Strategies: The Role of Cybersecurity in National Security
Written by: University of Tulsa • Dec 11, 2023
Cyber attacks pose serious threats to the public and private sectors. According to CompTIA, the United States is the most frequently targeted country for cyber attack, with 46% of global cyber attacks directed at Americans. If successful, these attacks can compromise valuable data, disrupt operations, and take a heavy financial toll.
In addition, cyber attacks present a growing threat to national security. A 2021 report from Microsoft notes that 48% of all nation-state cyber attacks targeted government agencies, while another 31% were directed at nongovernmental organizations (NGOs) and think tanks.
The Center for Strategic and International Studies (CSIS) maintains a living document that chronologically lists significant cyber attacks. As recently as May 2023, Chinese hackers breached a U.S. communications network located at an outpost in Guam. A month earlier, Iranian hackers targeted critical U.S. infrastructure using malware. And a month before that, a Vietnamese espionage group and other attackers attempted to exploit a security vulnerability with malware.
Considering the damage that a cyber attack can cause, leaders in the public and private sectors are increasingly recognizing the importance of cybersecurity defenses and response protocols. Because cybercrime is continuously evolving in its complexity and approach, competent cybersecurity professionals are essential to mounting a stout defense.
Many professionals who work in cybersecurity defense have an advanced degree in cybersecurity, along with plenty of on-the-job experience fending off cyberattacks.
Cybersecurity and the Costs of Cybercrime ¶
Between the private and public sectors, cybercrime costs billions of dollars annually, exacting a heavy toll on businesses and government alike.
Cybercrime’s Financial Toll on U.S. Businesses ¶
According to Cybersecurity Ventures, the costs associated with cybercrime will increase by 15% year over year for the next five years, with the projected cost of global cybercrime to reach $10.5 trillion annually by 2025.
At the same time, it’s estimated that spending on risk management and information security services will surpass $188 billion in 2023. Clearly, there is a discrepancy between what’s being spent to prevent cybercrime and the cost of recovering from an attack. Business owners and government organizations without proper cybersecurity defenses in place are at a higher risk of a successful attack, which ultimately costs more in the long run.
Business leaders should be mindful of the following.
- Statista reported in 2022 that the average cost of a data breach in the U.S. was $9.44 million.
- According to Legaljobs**,** small businesses were the main targets of 43% of cyber attacks.
- A study conducted by Juniper Research estimates the e-commerce industry will lose $25 billion annually via online payment fraud by 2024.
- In a recent Statista survey, 44.6% of respondents reported their global network was successfully compromised by a cyber attack within the past year.
- According to Verizon’s 2023 Data Breach Investigations Report, 83% of breaches were by external actors, and the majority of those breaches were motivated by financial gain.
- Comparitech reports that a successful data breach results in an estimated drop in value of 8.6% for publicly traded companies.
- Business Insurance projects ransomware will cause $30 billion in damage in 2023, and reports that new organizations are attacked by ransomware every 14 seconds.
Considering the prevalence of cyber attacks, businesses should make implementing cybersecurity defense measures a top priority. However, according to recent reporting by UpCity, 50% of small businesses in the United States don’t have a cybersecurity plan in place.
Cybercrime’s Financial Toll on National Security ¶
U.S. government agencies have comprehensive cybersecurity protections in place to fend off cyber attacks; however, that does not make them immune to cybercrime.
The following highlights relevant facts about the cost of cybercrime aimed at national security.
- According to IBM’s Cost of a Data Breach Report 2022, the average cost of a data breach in the public sector was approximately $2 million, a slight increase from the previous year.
- Comparitech reports that ransomware attacks against U.S. government agencies cost over $70 billion from 2018 to 2022. They estimate a total of 330 individual ransomware attacks occurred over that period.
- The U.S. Government Accountability Office has made over 4,000 recommendations to government agencies to address cybersecurity shortcomings.
Common Cyber Threats and Cybersecurity Defense Strategies ¶
Cyber attacks can take various forms and cybercriminals have become increasingly sophisticated in the way they launch these attacks. As such, it’s vital for business and government institutions to ensure they’re familiar with the latest cyber threats and how best to respond to them.
Malicious software — more commonly referred to as malware — is an umbrella term used to describe many different types of cyber attacks, including spyware and ransomware. Malware deceives users by appearing to look harmless, sometimes taking the form of an attachment sent from a known source, such as a co-worker or friend.
Once malware has been downloaded, it can compromise a single computer or an entire network of systems. The cybercriminal who created the malware determines its effect.
To avoid malware, users should:
- Keep up to date on best practices for avoiding malware
- Never download applications, media, or attachments from unknown sources
- Always use software from a reputable source
- Never work on a network without cybersecurity defenses in place
- Perform regular audits of their website and computer network security
Phishing attacks aim to steal valuable information such as credit card numbers, login credentials, user data, or other sensitive material. Cybercriminals trick their victims into opening a message or email that contains a link that compromises their computer or system network.
Phishing attacks usually lead to identity theft, stolen funds, or unauthorized credit card usage. In addition to targeting individuals, phishing scams also target entire organizations.
To prevent being the victim of a phishing scam, users should:
- Use two-factor authentication on sensitive applications
- Use complex passwords that cannot be easily guessed
- Change passwords frequently
- Never click a link or download an attachment from an unknown source
- Install antivirus software that wards off phishing attacks
Ransomware is a type of malware that holds a victim’s information hostage via encryption. During an attack, the individual or organization will not be able to access any of their applications, data, or files. The cybercriminal will demand that a ransom be paid to have access restored. Typically, the ransom must be paid within a certain amount of time or the user will never regain access to their information.
Ransomware attacks have caused significant damage to organizations, with some attacks resulting in long-term repercussions. Some businesses never recover after a successful ransomware attack, which is why having the appropriate cybersecurity defenses in place is critical.
To prevent a ransomware attack, users should:
- Ensure their software is up to date
- Never click on links or download attachments that aren’t known to be safe
- Never insert a portable drive from an unknown source into any computer
- When using a public network, always use a virtual private network (VPN)
DDoS Attacks ¶
A distributed denial-of-service (DDoS) attack disrupts the normal flow of website traffic by flooding servers and networks with internet traffic consisting of bots (nonhuman users). This keeps real human users from being able to interact with the business. The result is that human users get a denial-of-service message, meaning they can’t access the website.
Some common signs of a DDoS attack include suspicious amounts of traffic, a large amount of traffic originating from a single IP address (the designation that identifies a computer’s location), odd traffic patterns, and unexplained spikes in activity. The best ways to mitigate DDoS attacks are:
- Using a DDoS security service
- Investing in cybersecurity defenses that protect network infrastructure
- Closely monitoring website traffic for odd patterns and abnormalities
- Using web application firewalls
Cybercrime Examples and Potential Impacts ¶
Unfortunately, many cyber attacks have been successful and resulted in significant repercussions.
The Colonial Pipeline ransomware attack of 2021 illustrated how cybercrime can significantly impact U.S. infrastructure. The attack forced the company to shut down the pipeline until it paid a $4.4 million ransom via Bitcoin, which it ultimately did. However, service stations in cities such as Charlotte, North Carolina, experienced significant fuel shortages, which hurt civilian travel.
Another impactful cyber attack in the public sector occurred in 2019 when ransomware was successfully used against the city of Baltimore, ultimately costing $18.2 million. The attack crashed the city’s email and dispatch systems and compromised its networks. A disturbing note about this attack is that the original ransom the attackers demanded was $76,000. By refusing to pay, the city incurred damages more than 240 times the original ransom amount.
In June 2023, CNN reported that Russian cybercriminals initiated a global cyber attack targeting many U.S. federal government agencies, including the U.S. Department of Energy. Although no significant damage was done, the incident is another in a string of countless examples of the U.S. government becoming a prime target of malicious cyber attacks.
Cyber attacks can harm or otherwise impair an organization or national security in numerous ways, which is why they’re so dangerous. A successful cyber attack can have one or several negative outcomes, such as:
- Normal day-to-day operations cannot be conducted.
- The public loses confidence in the business or institution.
- The business or government agency suffers significant financial losses.
- Intellectual property or proprietary information is stolen or compromised.
- The organization or government agency must drastically alter its operations.
- Media outlets report on the organization or government agency in a negative light, causing reputational damage.
- The organization or government agency must invest a significant amount in cybersecurity defenses and legal support.
Become a Leader in Cybersecurity Defense ¶
For organizations and institutions to mitigate the chances of being compromised through a cyber attack, they need to invest in robust cybersecurity defenses. Cyber attacks can be prevented through competent leadership and planning, skills that can be developed by pursuing an advanced education in the field.
Individuals who aspire to fight cybercrime should explore the online Master of Science in Cyber Security program offered at The University of Tulsa. The program is designed to equip graduates with the skills and expertise necessary to enter the cybersecurity field and make an immediate impact.
Learn more about the program and how it prepares professionals to lead cybersecurity defense.