The Changing Face of Cyber Crime Actors – It’s now state and state-sponsored cyber attacks
ESET, a global industry-leading IT security provider together with other players in the cybersecurity sector have raised the red flag on the increase of state and state-sponsored cyberattacks targeting government departments, critical infrastructure, military establishments and corporate companies in Africa and the Middle East.
Governments globally have always conducted offensive cyber – operations but these campaigns have grown in volume and impact with the most famous being the Stuxnet Malware attack used by the US and Israel governments against Iranian nuclear facilities in 2010. Traditional attacks have always been for financially driven motives but the growth of state-sponsored attacks has challenged industry players due to the plausible deniability and the motives behind them.
A report by the Center for Strategic and International Studies also shows hundreds of state drive or sponsored attacks on organizations such as Microsoft that were linked to hackers from Russia’s Foreign Intelligence Service. The Afghan government was also attacked through phishing emails targeting the Afghan National Security Council while diplomatic missions in Africa and the Middle East have battled with the malware variant called Turian linked to hackers from the Asian continent.
According to ESET East Africa Channel Manager – Ken Kimani “governments have been known to commission hackers as data has become the new oil and the more data a country has about its allies or enemies the more power it has. Without some kind of geopolitical consensus, it’s going to get a lot tougher for cybersecurity experts to stop or regulate states or those criminal groups that are effectively being sheltered by the state but we will not keep doing our job“.
He added that “attack campaigns use sophisticated multi-stage approaches often described as Advanced Persistent Threats (APTs) that require lengthy reconnaissance work and efforts to stay hidden inside networks for long periods, with the focus being on cyber-espionage or destructive attacks, designed to further geopolitical ends. With many vendors on the dark web now selling exploits and malware to state actors, it has become commonplace to hear of some governments hiring freelance hackers to help with some campaigns“.
We currently live in a world where the global cybercrime underground is worth trillions annually. It’s a fully functioning economy that generates more than the GDP of many countries and is packed with the kind of freelance resources, knowledge and stolen data that many governments covet. Cyberspace represents a new theatre of war in which no countries have yet agreed on terms of engagement or rules of the road, and that has left a vacuum in which it’s deemed acceptable by certain nations to directly or indirectly sponsor economic espionage. It’s gone even further: in some cases where organized cybercrime is allowed to do its own thing as long as its efforts are focused outward at rival nations.
Despite these continued threats from well-resourced and sophisticated hackers, it is imperative that organizations adopt a proactive security strategy with continuous risk profiling, multi-layered defences, watertight policies and rapid detection and response to safeguard their data, organizations and country as a whole.