State-sponsored hackers have found a preference for corporate espionage, the exfiltration of intellectual
            property to narrow the technological gap with competing nations, the stealing of PII and CII data for
            financial gain, and defaming adversaries to further socio-political agendas.

            Hackers  have  explored  new  attack  surfaces  as  industry  and  country  IT  systems  have  remained
            vulnerable  with  poorly  configured  and  outdated  programs  and  applications.  Weak  applications  or
            networks become a test field for hackers as they carry out advanced persistent threat (APT) attacks, first
            establishing long-term connections, then understanding the architecture of the targeted organization, and
            finally starting to mine sensitive data such as PII, official documents, agreements, compliance data, etc.
            The Anthem APT attack, which compromised almost 80 million customer PII data, is a popular example
            of such an attack.

            It  is  now  of  utmost  importance  for  governments  and  businesses  to  adopt  a  predictive  approach  to
            protecting their reputation, ensuring business continuity and protecting national interests. However, this
            can only be achieved by going deep into the hacker trenches to gain real-time cyber threat visibility. To
            this end, we need a platform that can discover evolving threats, decode and segregate valuable cyber
            threat insights from the vast amount of data available.

            In order to beat hackers in their own game, cyber intelligence is needed for businesses to take action
            against unseen threats. Having a platform that allows one to predict a cyberattack is needed more than
            ever before. And there's one that fits the bill – CYFIRM's DeCYFIR.

            Using DeCYFIR, CYFIRMA researchers analyzed data sources across deep / dark web, hacker forums
            and closed communities, and uncovered the following cyber-war threat scenarios.



            • Trade wars fueling cybercrime and cyber warfare

            The ongoing trade war between two of the world's largest economies – the US and China – has already
            created a geopolitical strain. The US has long accused China of unfair trade and theft of intellectual
            property. The race for political and technological supremacy has now fueled cyber warfare.



            • Geopolitical conflicts between neighboring countries

            Relations between Japan and South Korea, China and India, China and Australia have deteriorated
            rapidly over wartime issues and bilateral trade differences.


            War hysteria, historical differences, and geopolitical supremacy will lead state-sponsored hackers to push
            their cyberattack threshold to a limit. Social hacktivists, political parties and large corporations will be
            drawn to cybercrime as a means of achieving business and political objectives, fueling the expansion of
            the hackers-for-hire economy.









            Cyber Defense eMagazine – September 2020 Edition                                                                                                                                                                                                         46
            Copyright © 2020, Cyber Defense Magazine.  All rights reserved worldwide.