CarderPlanet
Professional
In addition to the extinction of animals and economic decline, climate change also provokes cyber attacks on organizations that either did not install cyber protection, or developed it without taking into account disasters.
We are all aware of the effects of climate change: more frequent and extreme weather events are occurring, and they will only continue. Sea levels will continue to rise. Agriculture and food will be under threat. The physical and mental health of citizens will be affected. There will be new pandemics. The economy will suffer. Some animal species will become extinct.
All of this is important, but what does climate change have to do with cybersecurity? And why did Chloe Messdaghi, CEO and founder of Global Secure Partners, talk about this at the RSA conference?
Global Secure Partners is a consulting firm that provides comprehensive services to develop and maintain a strong security culture, minimize the risk of security incidents, and retain valuable security employees. The company's founder and CEO is Chloe Messdaghi, a recognized cybersecurity expert and philanthropist.
"There is no direct causal link between climate change and cybersecurity. But the main conclusion is that climate change will lead to more cyber attacks," Messdaghi acknowledged.
The link between climate change and cyberattacks
Messdaghi said climate change is increasing cyber threats, instability and disruptions that cybercriminals can take advantage of. In particular, it noted the following effects:
For example, during Hurricane Sandy in 2012, large data centers were damaged, which led to Internet outages. The 2018 earthquake and tsunami in Indonesia damaged underground cables, disrupting Internet connectivity, mobile networks, and financial transactions.
For example, severe floods in 2011 in Thailand caused a shutdown in the production of electronics, including hard drives and semiconductors. A certain number of factories have suspended their operations, including Western Digital.
How the IT and information security industries affect climate change
The cybersecurity industry may not be directly responsible for climate change, but it is part of a larger IT industry that contributes to climate change:
According to the International Energy Agency (IEA), global data centers consume up to 320 terawatt-hours (TWh) of electricity annually, or about 1.3% of global electricity demand — more than Iran's energy consumption.
Data center transmission networks consume up to 340 TWh of electricity annually, or about 1.4% of global electricity demand. Together, they account for 0.6% of total greenhouse gas emissions.
The Sierra Club and Earthjustice reported that crypto mining in the United States from mid-2021 to mid-2022 resulted in 27.4 million tons of CO2 emissions, which is 3 times the emissions of the largest coal-fired power plant in the United States in 2021.
How to reduce your risk
Reducing the number of vulnerabilities and attack risks associated with climate change also requires standard cybersecurity practices.
Messdagi provided several recommendations for companies:
With regard to climate change specifically, Messdagy recommended that security teams collaborate with other workers in their organization and do the following:
Messdaghi also recommended that organizations start discussing climate change and how it affects the company's cybersecurity. The expert called on security leaders to focus on resilience and train their team to deal with the impacts of climate change, starting with cyberattacks.
We are all aware of the effects of climate change: more frequent and extreme weather events are occurring, and they will only continue. Sea levels will continue to rise. Agriculture and food will be under threat. The physical and mental health of citizens will be affected. There will be new pandemics. The economy will suffer. Some animal species will become extinct.
All of this is important, but what does climate change have to do with cybersecurity? And why did Chloe Messdaghi, CEO and founder of Global Secure Partners, talk about this at the RSA conference?
Global Secure Partners is a consulting firm that provides comprehensive services to develop and maintain a strong security culture, minimize the risk of security incidents, and retain valuable security employees. The company's founder and CEO is Chloe Messdaghi, a recognized cybersecurity expert and philanthropist.
"There is no direct causal link between climate change and cybersecurity. But the main conclusion is that climate change will lead to more cyber attacks," Messdaghi acknowledged.
The link between climate change and cyberattacks
Messdaghi said climate change is increasing cyber threats, instability and disruptions that cybercriminals can take advantage of. In particular, it noted the following effects:
- Extreme weather events can damage physical infrastructure, including data centers, servers, and critical IT systems, making them vulnerable to attacks.
For example, during Hurricane Sandy in 2012, large data centers were damaged, which led to Internet outages. The 2018 earthquake and tsunami in Indonesia damaged underground cables, disrupting Internet connectivity, mobile networks, and financial transactions.
- Supply chain challenges, especially in industries that depend on raw materials, energy, and transportation, may arise as a result of climate change. When supply chains are disrupted, businesses turn to alternative suppliers or adopt new technologies to maintain production levels. These changes can create new vulnerabilities in the supply chain that can be exploited by attackers.
For example, severe floods in 2011 in Thailand caused a shutdown in the production of electronics, including hard drives and semiconductors. A certain number of factories have suspended their operations, including Western Digital.
- The boom in remote work began during the COVID-19 pandemic and continues to this day. Remote work creates new security risks, such as unsecured home networks or personal devices used for work purposes. Security burnout is definitely going to increase if you work from home, and all the technological shifts are happening with new risks and new pandemics.
- The introduction of green technologies — or any new technology-creates new attack vectors. Attacks on such systems can lead to failures or losses if they are not properly protected.
- Nation-state attacks may increase as a result of geopolitical instability caused by climate change. Cyber attacks will target critical infrastructure, target new technologies, and seek to steal intellectual property related to clean energy and climate change.
- Cloud services, adopted by many organizations in an attempt to reduce their carbon footprint, allow them to eliminate new cloud threats and vulnerabilities.
- IoT devices adopted by many organizations to manage and monitor climate risks have their own set of policies and security concerns.
- Social engineering will grow as climate change causes more catastrophic events. Social engineering attacks are more successful when chaos occurs, Messdaghi said, citing the rise in phishing attacks during the COVID-19 pandemic.
How the IT and information security industries affect climate change
The cybersecurity industry may not be directly responsible for climate change, but it is part of a larger IT industry that contributes to climate change:
- Data centers consume a lot of energy, rely on fossil fuels, and generate a lot of emissions.
According to the International Energy Agency (IEA), global data centers consume up to 320 terawatt-hours (TWh) of electricity annually, or about 1.3% of global electricity demand — more than Iran's energy consumption.
Data center transmission networks consume up to 340 TWh of electricity annually, or about 1.4% of global electricity demand. Together, they account for 0.6% of total greenhouse gas emissions.
- Cryptoasset activity worldwide generates about 140 million tons of carbon dioxide (CO2) annually, or about 0.3% of global greenhouse gas emissions. In the United States, CO2 emissions are up to 50 million tons per year, which is up to 0.8% of total greenhouse gas emissions in the United States.
The Sierra Club and Earthjustice reported that crypto mining in the United States from mid-2021 to mid-2022 resulted in 27.4 million tons of CO2 emissions, which is 3 times the emissions of the largest coal-fired power plant in the United States in 2021.
- Artificial intelligence consumes a huge amount of energy. Training a single AI system can lead to the release of 113 tons of CO2. Artificial intelligence in all sectors affects CO2 emissions in much the same way as the aviation industry.
How to reduce your risk
Reducing the number of vulnerabilities and attack risks associated with climate change also requires standard cybersecurity practices.
Messdagi provided several recommendations for companies:
- Conduct a risk assessment;
- Develop a cybersecurity plan;
- Implement strong encryption and authentication protocols;
- Collaborate with other organizations;
- Develop a business continuity plan;
- Keep up to date with new threats and vulnerabilities;
- Develop a strong safety culture;
- Train your employees;
- Create and maintain an incident response plan;
- Develop cooperation with law enforcement agencies and government agencies.
With regard to climate change specifically, Messdagy recommended that security teams collaborate with other workers in their organization and do the following:
- Know your organization's carbon footprint;
- Promote remote work and reduce the number of business trips;
- Adopt green technologies and renewable energy sources;
- Promote policies and regulations that support sustainable practices.
Messdaghi also recommended that organizations start discussing climate change and how it affects the company's cybersecurity. The expert called on security leaders to focus on resilience and train their team to deal with the impacts of climate change, starting with cyberattacks.
