Nation State Threats



               Each  nation-state  cyber  threat  actor  has  its  own  goals  and  reasons  for  conducting  cyber
               attacks. Some state-sponsored actors concentrate their efforts on espionage, while others focus
               on warfare-type operations. While these types of actors rarely turn their attention to generating
               money, they are nonetheless well-funded, typically through consistent money streams from their
               respective governments.



               Since at least 2001, China has focused almost exclusively on espionage-driven cyber attacks.
               Their goal has been to steal key intelligence information and intellectual property secrets in the
               hopes  of  replicating,  or  even  surpassing,  America’s  innovative  edge.  Chinese  cyber  attacks
               have been so successful in the intellectual property area that some Chinese manufacturers can
               actually  build  an  American  company's  product during the  day—and  then  at  night  change the
               same assembly line to print a Chinese company's logo on the product.



               In other cases, Chinese-affiliated cyber actors infiltrate major global corporations to gain insight
               into mergers and acquisitions. In these cases, Chinese companies are usually seeking an edge
               in order to outbid the U.S. or another western company. They accomplish this by understanding
               the bottom line prior to commencement of formal negotiations.



               In 2014, Russia established a goal of resurrecting the might of the former USSR. To this end,
               the  country  has  greatly  expanded  its  cyber  operations  over  the  last  three  years  in  a  multi-
               pronged approach. This comprises not only espionage operations, but information warfare as
               well. Demonstrated tellingly during the 2016 U.S. election cycle, Russia’s information warfare
               capability was extremely successful, using asymmetric operations involving proxy organizations
               such  as  Wikileaks.  The  Russians  managed  to  hack  countless  Republican  and  Democratic-
               based political organizations with little effort and to damage those they were most interested in.



               Attackers Work More Methodically Than First Thought

               Today’s  attackers  have  formerly  unsuspected  commonalities,  actually  operating  in  a  unified,
               professionalized, and sophisticated manner when conducting cyber attacks. We like to think of
               attackers as a disjointed set of individuals loosely collaborating—when in fact they often work
               more as an assembly line; from a technical perspective, they are quite routine. Cyber actors rely
               on operational efficiency, reusable modular toolkits, and infrastructure stability to attack a large
               number of targets successfully.





                    77   Cyber Defense eMagazine – September 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.