The motives behind nation state driven cyber attacks
Posted on 30 September 2013.
FireEye released a report that describes the unique international and local characteristics of cyber attack campaigns waged by governments worldwide.


“Cyber weapons are being used as an advantage in real-world conflict,” said Kenneth Geers, senior global threat analyst, FireEye. “Regions have their own set of cyber weapons, which they will use to their advantage when it comes to a conflict or to help their allies. The world is at cyber war with attacks in every direction and location. Cyber shots are fired in peacetime for immediate geopolitical ends, as well as to prepare for possible future kinetic attacks. Since attacks are localized and idiosyncratic—understanding the geopolitics of each region can aid in cyber defense.”

“The biggest challenge to deterring, defending against, or retaliating for cyber attacks is the problem of correctly identifying the perpetrator. Ballistic missiles come with return addresses,” said Prof. John Arquilla of the Naval Postgraduate School. “But computer viruses, worms, and denial of service attacks often emanate from behind a veil of anonymity. The best chance to pierce this veil comes with the skillful blending of forensic “back hacking” techniques with deep knowledge of others’ strategic cultures and their geopolitical aims.”

Cyber attacks have already proven themselves as a low-cost, high-payoff way to defend national sovereignty and to project national power. The key characteristics for some of the regions include:

Asia-Pacific. Home to large, bureaucratic hacker groups, such as the “Comment Crew” who pursues targets in high-frequency, brute-force attacks.

Russia/Eastern Europe. These cyber attacks are more technically advanced and highly effective at evading detection.

Middle East. These cybercriminals are dynamic, often using creativity, deception, and social engineering to trick users into compromising their own computers.

United States. The most complex, targeted, and rigorously engineered cyber attack campaigns to date.

In addition, the report speculates factors that could change the world’s cyber security landscape in the near- to medium-term, including:
  • Outage of national critical infrastructure that is devastating enough to force threat actors to rethink the power of cyber attacks.
  • A cyber arms treaty could stem the use of cyber attacks.
  • Privacy concerns from the PRISM could restrain government-sponsored cyber attacks in the U.S. and globally.
  • New actors on the cyber stage, most notably—Brazil, Poland, and Taiwan.
  • Increased focus on developing evasion methods that bypass detection.
“A cyber attack, viewed outside of its geopolitical context, allows very little legal maneuvering room for the defending state,” Prof. Thomas Wingfield of the Marshall Center. “False flag operations and the very nature of the Internet make tactical attribution a losing game. However, strategic attribution – fusing all sources of intelligence on a potential threat – allows a much higher level of confidence and more options for the decision maker. And strategic attribution begins and ends with geopolitical analysis."





Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //