This blog was written by an independent guest blogger.
Cybersecurity and climate change. These two issues seem, at least on the surface, like they couldn't be farther apart. One conjures Matrix-like, futuristic visions of tech bros and shadowy figures hunched over laptops. The other, third-world dystopias, famine, and mass extinction.
However, a deeper dive into these important global concerns shows that they are more intrinsically connected than you think. In fact, some experts believe that climate change is the biggest security threat mankind has ever faced. That includes cybersecurity, and these are issues that affect everyone on the planet to varying extents.
How exactly does climate change impact cybersecurity, what are the economic impacts of these issues, and what can we do to mitigate the problem?
In the words of Zach Stein, co-founder of Carbon Collective, a first of its kind investment advisory firm that focuses on solving climate change through targeted investments and divestments: “We can’t take these all-or-nothing views. The world is nuanced. It means we need to give room for people and companies to improve."
Where climate change-related security threats originate
Climate change poses a national security threat that extends far beyond our borders. We now experience 100-year weather events annually, Diminished biodiversity adversely affects the food chain and resource availability, as do droughts and extreme flooding. These problems lead to social anxiety and unrest, contribute to mass migration and displacement, and make us all more vulnerable.
Between pandemics and work/school closings due to inclement weather, more people are working and learning from home. However, many business owners and school administrators don't prioritize even the most basic cyber security best practices for home-bound students and workers. This increases the attack surface and puts more business owners, government agencies, and individuals at risk for cybercrime.
Crime is also increased by economic stress.
Desperation leads to desperate acts. During such times, you'll see an increase in scams, identity theft, and hacking exploits. You also have politically or socially motivated hacks by persons on both sides of the climate change argument, either in an effort to make a statement, prove a point, or benefit financially from instability.
The environmental and financial impact of cyber crime
The increased use of computing resources due to a surge in remote work, blockchain mining, and supercomputing also contributes to climate change. People who no longer trust financial institutions due to prominent hacks and leaks are shopping and trading online or putting their money in cryptocurrencies.
This poses its own set of climate-related and cybersecurity threats.
In 2019 alone, Bitcoin mining consumed more energy than the entire country of Switzerland. Data centers accounted for two percent of the world's total power consumption that same year, and that was before the use of such centers really exploded. Internet usage accounts for another 10 percent of global energy consumption.
Infrastructure investment, resource mining, and fossil fuel production contribute to negative economic, supply chain, and environmental impacts. These and related industries have long been favorite targets of cyber criminals. The 2021 ransomware attack on the Colonial Pipeline cost the company $4.4 billion to end, and resulted in untold damage to the company's finances and reputation, This was merely one out of hundreds of such attacks on energy producers and related organizations,
The economic impact of energy sector security hits companies, workers and their families, and consumers who have to pay in loss of service or income and increased prices.
Veering away from dependence on fossil fuels toward more sustainable energy sources is a start.
Here are a few more solutions.
Combating the twin threats of climate change and cybercrime
At their annual meeting in Davos, a consortium of world business and economic leaders compiled the 2022 Global Threat Report. Among their findings was the fact that it will take a unified, global effort to head off long-term climate catastrophe. This includes a more aggressive approach toward mitigation and greater investment in sustainable energy.
However, it will take more than energy conservation or performing the occasional risk assessment to combat these issues. Some concrete measures that can reduce vulnerabilities toward cybercrime and climate change include:
• Exploring new technologies. Crypto-mining platforms have committed to exploring methods that use fewer resources during the cryptomining and NFT minting process. This includes use of Hyperledger Fabric to centralize block creation, initiating blockchain smart contracts for easier validation, and developing more efficient cooling methods for data centers and supercomputers.
• Educating stakeholders. This includes not only teaching users basic security practices but also educating them on how to spot and avoid scams, such as identifying misinformation about climate-related emergencies. From the design and security side, baking cyber security into app and platform design, reducing the risk matrix, and proactive cyber security practices are methods to reduce the cost and risk.
Business leaders and IT professionals should include climate change in their risk assessment protocols and procedures. For example, having a backup plan in the case of a weather or cybercrime event that limits business disruption and prevents accidents like spills or leaks. Incentivizing companies to invest in smarter, sustainable technologies and reducing environmental risk will also make a huge impact.
• Increasing cybersecurity investment. Businesses in the tech, financial, and energy sectors should prioritize cybersecurity spending, invest in more efficient production technologies, and upgrade or replace vital infrastructure. It's also incumbent upon government intelligence agencies and policy makers to set up dedicated departments, platforms, and unified protocols to assess, prevent, and combat climate change and cyber security threats.
• Deploying technologies to prevent climate-related disasters. This is in addition to hardening critical infrastructure and prioritizing proactive cyber security and risk identification. For a start, asset management, resource allocation, and equipment maintenance can be automated using AI-based technologies.
Instability, food insecurity, and widespread environmental damage contribute to the kind of despair and hopelessness that leads to mass unrest and criminal behavior. Desperate conditions lead to desperate acts. They also increase the number, methods, opportunities of people willing to take advantage of social disruption and decline.
Proactive cybersecurity won't reverse the effects of climate change. However, it will help reduce the financial and economic impact of global warming on businesses, individuals, and society at large.