With the advent of the Industrial Revolution 4.0 (IR 4.0) and the Internet of Things (IoT), the concept of smart cities, where all devices, infrastructure and citizens are seamlessly connected and integrated, is fast becoming a reality.
At every level, people are now becoming more and more highly connected to each other while our homes and offices are able to ‘talk to’ and monitor each through various devices. The internet and digital connectivity are also becoming an integral part of people’s lives, with wider internet connection penetration as well as faster systems enabling higher speeds and higher volumes of data sharing and processing.
Global Connectivity: Saviour or Slave?
The integration of the cyber domain into almost every aspect of modern living has made the Internet an indispensable tool to the functioning of society. Increased internet connection penetration and reach have led to the widespread adoption of mobile and connected devices in both developed and developing countries. This global connection of devices and networks has become the neural network that drives our planet’s future, bringing promises of continued advancement to utopia.
But it is this very same network that has become our Achilles’ heel. Like all technological tools before it, countries and corporations have become substantially reliant on this new normality, and have inadvertently put themselves at increasing risk of being enslaved by it. The same networks that manage our shipments of food or the production of goods are vulnerable to failure or even being overtaken by hostile parties. When this happens, will we be able to restore order by returning to more traditional ways? Will digital natives, both young and old, be able to revert to previously conventional ways to survive? Or will we be doomed to witness the not-so-gradual collapse of society as we fail to carry out even the most basic of survival tasks?
While the scenario of total doom and gloom is somewhat unlikely, the unintended consequence of the disruption of these connected networks cannot be denied or ‘swept under the rug’. In most cases, the consequences of any disruption to cyber systems, be it malicious or not, have been readily prepared for with numerous measures and countermeasures in place. However, most of these measures and countermeasures address the intended consequence of such disruption, which is the loss of function. Rarely do they address the consequences that are unintended. These unintended consequences are not always immediately evident, and can go unnoticed and unchecked for years, decades even, before its effects are finally felt.
A good example of the effect of unintended consequences could be seen in the aftermath of the 9/11 attacks. During the tragic events of 9/11, the crash and collapse of the Twin Towers in New York City triggered severe reactions. The most jarring and immediate was the animosity towards a large section of the world, heightened security around the country and the re-direction of substantial portions of the national budget towards security and defense.
What most did not realise at that time is that these actions in turn brought about a series of unintended and unforeseen consequences. From the heightened state of alert established in the United States, a second order impact emerged through the creation of an atmosphere of fear. It also derailed the local and global economy and airline industry for many few years, resulting in significant economic setbacks. From here, a third order impact soon becomes evident through the disruption of the United States by instigating certain degrees of impoverishment, such as the spending of money becoming less efficient at boosting the economy, replacing freedom with control, and creating a loss of social capital worldwide. And finally, a reactive backlash was ingrained in society, with suspicion possibly being permanently embedded in the psyches of most citizens. This in turn influences legislature, business processes, adding layers of safeguards which are costly and inefficient, and the effect being seen even as recently as in the events surrounding the US Capitol in 2021.
Uncovering the Flip Side of the Digital Revolution
In the aspect of cyber security, more often than not a less direct assault on the target is made. Cyber-criminals often bypass the primary target, which would be highly guarded and protected in the first place, and instead focus on secondary targets with the ultimate goal of weakening and circumventing the defenses put in place.
These secondary targets can encompass a wide range of candidates, from the families of employees, and related business acquaintances to even the vendors and various service providers that support the primary target. These targets are easier to isolate when the crisis is engineered, and therefore exploitable. Using these secondary targets, attackers can then in turn isolate primary targets, which are normally much better protected.
Furthermore, attacks on these targets are really cyber in nature; in this age of social networks, to be isolated, ostracised or excluded from these networks would have some impact on a person’s mental health, therefore making them vulnerable as intermediaries towards reaching the primary target. This form of indirect attacks are particularly effective in societies and countries that are used to free speech and the Internet as a tool for voicing opinions. A mere disruption of internet services alone can create a large vacuum akin to censorship and loneliness. This is in addition to denying most common activities such as online shopping and paying e-bills, to checking on their kids and friends via texting from being carried out, adding further disruption. The targets likely to suffer from this sudden and prolonged access denial to the Internet include mainly parents and their teenagers, while older aged groups tend to be more resilient.
Highly vulnerable targets would also include Internet addicts – hardcore gamers, social networkers, entertainment video streamers, and those dependent on the Internet for entertainment or work. What’s more concerning, however, are infrastructure and service providers. While critical infrastructure such as energy generation and distribution facilities, utility providers and medical and security service providers may be operating on internal networks and thus less dependent on the Internet, a certain degree of communications, such as emails and other interactions with the outside world might be crippled.
Over the short term, the primary impacts such as the temporary disruption of Internet-based activities becomes immediately felt. Most people will complain about these inconveniences and even show minor irritation, with the general thought that this is a temporary problem that will be fixed. Most people would be clueless as to what is happening, and during this period, they would be vulnerable to those who claim to be in the know of the current situation.
However, the real effect of this disruption will soon become evident, as fixing critically damaged infrastructure – either cyber or physical – would take resources and time. At this point, some segments of society will begin to wonder if this will be permanent. This is also when feelings of fear set in. Individuals will feel a sense of helplessness and in turn begin to panic and act irrationally, allowing this weakness and psychological collapse to easily spread and infect those with whom it comes into close contact, not \ unlike a virus. This will in turn have longer lasting effects of fear and skepticism being embedded in the minds of the general population. Even if the problem has been fixed, they may assume it is
Organisations should also establish failsafe contingencies to safeguard their employees in the event a cyberattack takes down a firm’s ability to carry out financial transactions and pay wages. With so many firms becoming dependent on digital technology, it is advisable to prepare policies and protocols to deal with disruptions in the cyber domain.
still unsafe or ready to collapse again. Even with a disruption to cyber services for a few days, fear and survival instincts could kick in. People would become worried about the safety of their banked assets.
Subsequently, with the possibility of access to money being blocked, the hoarding of food and water could take place, leading to civil disturbances and even rioting. If only one city or a particular area within it is affected, national governments can organise relief efforts and provide temporary internet access via satellite or mobile land stations. People with the means to do so can leave the city, though those that decide to remain or who are unable to leave would soon become in danger of falling prey to criminals and conmen seeking to take advantage of the situation. However, if there is still no solution in sight after a while, it is possible that a city’s supplies would begin to diminish, possibly encouraging individuals trapped in the city to turn to crime. At this point, it is doubtful that anyone will remain in their jobs or offices, and this is when tertiary effects begin to be seen; the breakdown of order in affected communities, cities or countries.
Preparation is Key
By realising the extent of damage that can come from a disruption of the cyber domain, we can now prepare, in a way, to counter these consequences. The most crucial point to realise that the point of failure in such a scenario is not the technology, but rather the different reactions that will take place when the cyber domain is disrupted.
One can expect a mix of emotions from positive to negative, and it is the positive emotions that are needed to overcome the negative. As such, it would be critical to identify, train and prepare key persons in an organisation, society or country so that they may become beacons of hope, assurance and emotional support in times of disorder.
Organisations should also establish failsafe contingencies to safeguard their employees in the event a cyberattack takes down a firm’s ability to carry out financial transactions and pay wages. With so many firms becoming dependent on digital technology, it is advisable to prepare policies and protocols to deal with disruptions in the cyber domain.
Furthermore, organisations must prepare themselves to deal with the additional fallout of such a disruption, which may include the loss of large amounts of critical data which the company would need to survive.
The sudden loss of digital technology and its capabilities will also cause a ripple effect that would affect the psychological stability of employees. Unprepared employees would not be able to think of reactionary measures at such short notice in the event of an attack or disruption as they might be in a state of shock. Emotions experienced by an individual in this situation would include grief and panic.
So the question now begs to be answered; is your organisation prepared to meet and handle each and every different psychological emergency with confidence? Most are unfortunately not ready to do so.
Here, neuroplasticity is the key to survival. However, not everyone is capable of consciously and rapidly changing their mindsets in an instant. As such new mental models will have to be created, and the necessary training imparted. Early warning systems and resilience building must be made a priority, particularly for senior managers. Core functions and departments within organisations should also be trained to operate as independent cells, thereby delaying and reducing the impact of communications disruptions. This is an essential business continuity plan. Cyber insurance is also a point to consider, as the only thing that is more painful to a company than the loss of its data is the monetary losses that come along with it.
Continuity and the Way Forward
While the unintended consequences of disruptions in the cyber domain can be far reaching, they are not in any way a death knell to any individual or organisation involved. As with any scenario, preparation and a proper plan of action, while not being able to prevent these consequences, would go a long way towards mitigating their effects and bringing the situation back to normal. As the old saying goes, luck favors the prepared, and proper preparation can make any unintended consequence easy to manage and overcome.
