by

Cyber Threats: Nation-States

This article is part of a series of called “Cyber Threats: Who Wants Your Money?”. If you missed the first post, you can read it here.

After the Operation Desert Storm, in 1998, USA for the first time has shown to the world their military prowess and how technologically advanced they were. Countries everywhere looked at how technology was being utilized by the US Marines and realized that simply no country was a match for them. The warfare landscape has been taken to a new level. The Chinese army were quick enough and studied how tech was applied by the USA and wrote a military study called “Unrestricted Warfare”. A classic now.

The summary of the book: A small nation can achieve a powerful hit against a bigger one by exploiting technological weaknesses. The technological warfare between nations started.

China then created a Cyber Militia, a group of hackers based on the findings of that study. Chinese schools invested heavily in programming and network computing. And I’ll use this Chinese event to explain a bit what goes behind the minds of a Nation-State Cyber Threat.

image 

Why They Did it?

The answer to this question is similar to the answer “Why is Windows Phone trying to compete with iPhone?”. Because if they don’t, the competition will take over without resistance. And from a nation perspective, everyone was going to invest in cyber tech. China could not afford to be out.

Since then, reports of cyber attacks attributed as originating from China emerged in the news frequently.

 

What Is a Nation-State Attack?

Every western organization likely experienced an increase in port scans and access attempts to their systems around the year 2000. Port scans are considered attacks because they are done with:

  1. Explicit Intent to actively look for weaknesses in your security stance. These are not done for fun or curiosity, they carry a malicious purpose.
  2. Malicious Purpose. They are like “checking doorknobs on people’s houses”. Once they identify, the next step is to compromise information and integrity in exchange of political of financial gains

To mention a few examples:

Regardless where they came from, executives all over the world recognized the threats and the Three Warfares was written. A mark on defensive systems against Nation-State attacks.

People started to understand their devices could be attacked, casual conversations recorded and personal storage devices compromised.

Small and medium companies started to be attacked. They were used as a new attack vector against their partners, big corporations.

 

Why Nations Do This?

Because it is profitable and offer an upper hand in tactical politics. Big damage can be done by small groups against large organizations by a fraction of the invested cost. According to Interpol data, cyber espionage theft amounts to US $1 trillion.

The Center for Strategic and International Studies, estimated that cyber espionage incurs in losses of about US $100 billion per year to the US economy.

 

Most of Countries are Capable of Cyber Attacks

A few countries are the undisputed leaders such as USA, Russia, UK and France. That’s where the power of alliances come into play, but many small nations proved to be highly effective. Take for example Stuxnet, which has the power to take over power grids and nuclear plants.

Have a look at this video explaining how powerful Stuxnet can be for a Nation-State attack:

 

 

It is impossible to talk about Nation-State attacks and not to mention Edward Snowden famous for the Wikileaks whistleblowing and now writing for the Guardian which “confirmed” the USA actually created Stuxnet.