Cybercrime (crime perpetrated and orchestrated digitally) has overtaken natural disasters in terms of the global risk level involved. It is a shocking realization, perhaps beyond belief, but it is true. The financial and even physical harm caused by cyberattacks is as real as the sky above us. As we transition to a digitally transformed society, we rely on the internet for absolutely everything in our daily lives. At the same time, our foes are no longer just street thieves, but cyber thieves. Terrorists are no longer the only problem; nation-state cybercrime groups are equally so. Phishing engineers are the new street scammers. Malware creators are the new arms dealers. Cybercrime is our most serious problem to date, and fighting it is another art form altogether that we have not yet fully mastered.
With that in mind, it is a well-established fact that hackers come in different tiers, with differing affiliations, skill levels, and competencies. Let's delve into the heavy end of the spectrum, where the most feared cybercriminals operate: nation-state cybercrime.
Nation-state cybercrime is one way of describing an advanced cyberterrorist, or a group of them, with some sort of state backing, which gives this particular group of hackers a dominant stature and a particularly fearsome aura. These individuals or groups are free to hack their targets, usually with unlimited resources available to them. Another way to refer to them is as a group of advanced black hat hackers, the malicious, immoral kind of hacker.
Cybercrime itself is a broad term, encompassing everything from benign amateur scammers to high-profile cybercrime hitmen, most often those backed by nations, who can bring down the defenses of the most powerful nations in the world. With the technology openly available to the world, cybercrime is extremely profitable and, in contrast with physical work, an effortless way for governments to spy on each other, as well as bring each other down if necessary. The motives are sometimes simply to cause disruption or gain a tactical advantage.
Classical war scenarios seem to no longer be necessary in our world, as the world's most sensitive information is increasingly stored online. Nation-state cybercrime perfectly fits into the endless turbulence that is the geopolitics between East and West. And so, when a country invests in its offensive cyber capabilities, there is no doubt that this will have an impact on the global economy and global security.
Nation-state cybercrime is also sometimes referred to as APTs or Advanced Persistent Threat groups. When government intelligence agencies and cybersecurity organizations like those in the U.S. deal with cyberterrorism of the worst kind, the term APT is used quite often.
Nation-state cybercrime groups most often hail from countries with a specific kind of governance, such as China, Russia, and North Korea. However, it is important to note how difficult it is to stereotype nation-state cybercrime, as attacks can sometimes come from within the country itself, or with the assistance of another country. Narrowing cyberterrorism down to just a few countries like those above would be inaccurate.
While large-scale cybercrime attacks affect the entire world, it is most often the U.S. that is the target, again proving that everything revolves around regime politics and geopolitical dominance. To put cyberterrorism into perspective, here are a few examples of past incidents:
● The 2010 Stuxnet worm that disrupted Iranian nuclear uranium centrifuges, believed to originate from the NSA with the help of Israel
● The 2017 NotPetya incident, a global malware campaign that caused international chaos in industries like finance, manufacturing, and the military industry. It is believed to have originated from Russia
● The 2020 SolarWinds breach that affected the most critical organs and high-profile companies of the U.S., believed to have originated from Russian APTs
● The 2020 Chinese APT-related ransomware attacks that targeted gaming companies, among others
The short answer is that there is no doubt that all of us are collateral damage. A large cybercrime campaign is like a giant, crippling meteoric hit to the economy and industry. Everything from banks, the medical sector, and industry to companies we all rely on, like Google, Facebook, and even your insurance company, can be affected by heavy-hitting, wide-ranging cybercrime attacks. Hundreds of millions of emails, accounts, and pieces of sensitive information, including credentials, can be breached, and have been, in attacks of this magnitude.
What precautions, if any, can you or your business take against these attacks? The key to this is simply building all of your systems with strict security from the ground up, especially if your business stores sensitive records. One example of this is hiring a professionally managed security solution. Secondly, training employees for network threat detection and cybersecurity is another fundamental cornerstone of being cyber secure.
As for individual cybersecurity, as a regular citizen who has email accounts, social media accounts, and perhaps sensitive information stored on your computer, you need to practice proper password security, activate all possible security and privacy measures on your machines, secure hardware routers, back up information offline, and keep software up to date.
No matter how sophisticated a hacker's abilities and toolset are, remember that they can't steal data that has been backed up and remains offline. Beyond that, there is not much you can do to stop attacks other than lean on the brands you have placed your trust in.