Page 63 - CMA Journal (May-June 2025)
P. 63
Focus Section
geopolitical conflicts by sharing tools and
techniques to increase the sophistication
and impact of their attacks.
History is full of high-profile cyberattacks
that have immobilized business
operations for days or even weeks,
resulting in massive financial losses,
service disruptions, and the exposure of
sensitive information. In many cases, the
affected organizations had no option but
to pay substantial ransom amounts to
regain access to their systems and resume
operations.
A few notable examples include:
• NotPetya and WannaCry (2017) –
NotPetya impacted major companies
and organizations worldwide,
disrupting operations for several
days. WannaCry encrypted Windows
operating systems globally,
demanding large ransom payments.
• Equifax Data Breach (2017) –
Exposed the personal data of 148
million people. A settlement was
reached with the company, offering
compensation and assistance to
affected users.
• Colonial Pipeline Ransomware
Attack (2021) – A major U.S. fuel
pipeline was targeted in a
cyberattack that compromised
several computerized systems managing the
pipeline. The attack led to a severe fuel shortage, and
Estimated cost of cybercrime worldwide 2017-2028
the company paid approximately $5 million to
(in trillion U.S. dollars)
restore operations.
• SolarWinds Supply Chain Attack (2020) –
Attackers exploited a vulnerability in a software
update distributed to thousands of organizations,
including government agencies and corporations,
gaining remote access to their networks. The
financial impact was estimated to be an average of
$12 million per affected company.
Cyberattacks have increasingly become a component of
traditional warfare. During the Pak-India conflict, both
Cyber Warfare countries engaged in cyber warfare alongside
conventional exchanges. The Securities and Exchange
According to the Microsoft Digital Defense Report 2024, Commission of Pakistan (SECP) issued warnings to local
over 600 million cyberattacks occur every single day, companies about heightened cybersecurity threats,
targeting sensitive information and critical infrastructure. advising strict access controls, regular vulnerability
The report also highlighted the emerging alliance assessments, and a comprehensive response plan to
between cybercrime gangs and nation-state-affiliated counter potential attacks.
threat actors, who are now collaborating to support
ICMA’s Chartered Management Accountant, May-June 2025 61
