Geopolitical fragmentation has come to a head in recent years, with a pandemic, wars and extreme weather events deepening global tensions. But in this century of technological innovation, states tend to fight with new means, so tensions have led to a spike in nation state cyberattacks. It’s a concerning trend that businesses, governments and the public need to be aware of and protect against.
Since the Russian invasion of Ukraine, Ukrainian organisations have been subject to serious cyberattacks from the Russian state and state-backed hacker groups. These included wiper malware which erases data on hard drives, spear-phishing where criminals create tailored malicious emails or messages to trick high value targets into sharing their data, and data breaches. Their shared aim is to destabilise the country. Likewise, state-backed hackers have been targeting Ukraine’s western allies to disrupt support for Ukrainian resistance and help their cause.
As the war continues, Russia faces its own difficulties – including socio-economic sanctions imposed by the West, and a widening skills gap as its young people move to other countries to escape potential enlistment. This has spurred on the country’s threat actors to deploy new tactics against their opponents, which includes many western governments and businesses. A recent Cybersecurity and Infrastructure Security Agency (CISA) alert stated Russia was focused on improving its ability to target infrastructure, including underwater cables and industrial control systems.
Falling victim to nation state attacks has severe ramifications for businesses and governments, including heavy financial losses and severe damage to reputation. In the latest UK National Risk Register it has been estimated that a successful attack can cause anywhere between 41 and 200 fatalities and cost the UK economy hundreds of millions of pounds.
Alongside the threat of Russia, cyber tensions between China and the US have also been escalating. As recently noted by CISA’s Jen Easterly, China’s cyber tactics are shifting from espionage to targeting critical infrastructure.
China has further motivations for conducting cyberattacks beyond causing disruption. As the technology arms race rages, the country is using all resources to close the gap to the US and the EU, particularly in the field of AI. Attacks on AI organisations’ personal identifiable information are a high risk yet hard to protect against: competing with an entire nation state which enables threat actors to change tactics overnight is no mean feat.
When it comes to AI innovation, we are also seeing the steady rise of this emerging technology within nation state attacks, for example WormGPT. The technology is enabling hackers to easily create sophisticated attacks – something which traditionally requires a high level of skill – enabling lesser skilled hackers to become effective cyber criminals.
We know nation state powers, such as China, Russia and North Korea, may well already be deploying AI technology to launch attacks against victim countries and organisations, and they won’t pause or slow down the development of such tools. Neither should we. Doing so will give nation state actors the head start needed to exploit AI technology and get ahead in the global cyber race. The West must develop tools to combat these threats effectively.
The global cyber and nation state threat landscape will continue to evolve, and we cannot afford to fall behind. No one country is immune to the possibility of a cyberattack, and any country, industry, business or organisation can be targeted at any given moment. As such, public and private sectors need to work together to share the latest intelligence from attacks while re-assessing their cybersecurity strategies and strengthening their line of defence against the next big threat.