How nation-state cyber warfare affects you
CyberSmart
Cybersecurity should be simple. Protect your business with CyberSmart. #BeCyberSmart with #CompleteCyberConfidence
We live in a time of increased international tensions. You can scarcely open a newspaper or browse a news site without being greeted by conflict, both in the real world and online. We’re only three months into 2024 and the National Cyber Security Centre (NCSC) and its international partners have already issued a public warning about state-sponsored attackers. However, for the average small business or individual, this can seem very distant. Reports on the machinations of states and their security services can all feel ‘a bit James Bond’. Nevertheless, cyber warfare affects everyone. In this blog, we look at cyber warfare and why you should care.
What is nation-state cyber warfare?
Nation-state cyber warfare is best defined as:
‘Cyberattacks launched by one nation-state against another, targeting critical infrastructure, government agencies, businesses, and individuals.'
Nation-state cyber-attacks are often distinctive. The techniques employed are advanced, with highly skilled hackers tasked with executing bespoke malware. These operations are often phenomenally well-resourced, with money no object, and executed over long periods, often years.
Did you know that 47% of UK SMEs feel more threatened by cybercrime since the cost of living crisis began? Find out more in our latest report.
Why are nation-state attacks launched?
There are several reasons why countries engage in cyber warfare, from its use as an extended theatre of war to attempting to exert influence on rivals’ internal affairs.
Military operations
Cyber warfare can act as a further weapon in support of traditional methods, as we’ve seen in the current Russia-Ukraine conflict.
Sabotage
Another motivation is simple disruption, whether to send a message or destabilise an enemy. We’ve seen plenty of attacks on critical infrastructure such as power grids, financial systems, and transportation networks. Perhaps one of the most famous examples of this (although never directly attributed to any one state) is the Stuxnet worm that disabled the Iranian nuclear programme.
Espionage
Espionage is probably the most common goal of nation-state cyber warfare. State-sponsored actors might attempt to steal military intelligence, intellectual property, personal data or other sensitive information from government bodies or their supply chains. Another common use is to spy on journalists, politicians and others in positions of influence.
For a very current example of this, check out the recent exposure of China’s ‘hackers for hire’ programme.
To influence operations?
Spreading misinformation, propaganda, or sowing discord can be used to destabilise a target nation. The most infamous examples of this are perhaps the 2016 US election and the UK’s Brexit referendum, with both being targeted by outside influences. And this is likely to become a live issue again as both the UK and US go to the polls in 2024.
Stealing funds
Nation-state attacks aren’t always for political gain. The past few years have seen the rise of nation-state actors simply stealing funds. For example, groups associated with North Korea, have stolen an estimated $2 billion (£1.6 billion) from at least 38 countries in the past five years.
Why does this matter to you?
Nation-state cyberattacks are a big deal, even if they don't target you personally. For those of you who have seen ‘Leave The World Behind’ this film brings home the chilling reality of what a significant cyber attack upon a nation could look like.
What’s more, this isn’t all the work of Hollywood screenwriters. Statistics show that in 2021, 21% of nation-state attacks targeted consumers – ordinary people like you or me.?
The impact of these attacks can be significant too. Imagine no water or electricity because hackers targeted power grids. Or worse still, a hacked nuclear system and the apocalyptic consequences that could entail.?
Interestingly, between 2021 and 2023 we have seen a significant increase in nation-state cyber attacks against schools. Between July ‘22 and June ‘23, schools were the most targeted sector, with 16% of all such attacks being directed at them.?
The same report highlighted that 11% of attacks were directed at think tanks and non-government organisations – groups that will have some part in shaping elections.
So while you might not be the direct target, the impact can be felt by everyone.
领英推荐
Nation-state attacks in the real world
We mentioned some of these in passing earlier, but let’s dig into some of the most famous examples of nation-state cyber warfare.?
Stuxnet (2010)
We almost always assume that the attacker is going to be from one of a few countries, but this nation-state attack was launched by the US and Israel. The target was an Iranian nuclear plant due to the simmering tensions between the Iranian and US governments over the former’s atomic weapons programme.?
We recommend reading about this in more detail (it’s well-documented and very interesting) but, in summary, malicious software in the form of a worm was used to specifically target Siemens-made equipment used in the nuclear power plant. This caused an estimated 1,000 centrifuges within the plant to fail, temporarily neutralising the Iranian’s nuclear programme.?
2016 American election (2016)
In 2016 we saw Russian interference in US elections. The Russian government utilised thousands of fake social media profiles that purported to be Americans, spreading disinformation. This attack also targeted American politicians directly, hacking and stealing data from senior members of Hilary Clinton’s campaign committee and leaking this information online.
And one fresh off the press…
In February 2024, globally renowned cloud services provider Cloudflare reported unauthorised access to its internal systems by an unknown attacker.
Although we don’t know anything for certain yet, Cloudflare suspects a nation-state actor was behind the incident. The attack involved stolen credentials being used to gain access to an Atlassian server containing documentation and a limited amount of source code.
Unfortunately, these examples illustrate that the attacks will keep coming, which poses the question, what can you do to protect yourself or your business?
What should I do to protect myself?
Though few of us will be directly subjected to a nation-state attack, it’s feasible that our organisation or someone that we work with could be.?
What can we do as individuals??
Start by practising good cyber hygiene, like using strong passwords, setting up multi-factor authentication, and being cautious of suspicious emails and links. Alongside this, it’s important to stay informed about emerging threats and best practices for preventing them.
What should businesses do?
Organisations need to implement good cybersecurity practices such as vulnerability management, incident response plans, and employee training. If you’re unsure where to begin, accreditations like Cyber Essentials can give your business a solid grounding in the fundamentals of cybersecurity.?
What should we expect from governments?
Apart from ensuring they have the best possible cyber defences in place, governments must also develop international norms and frameworks to promote responsible state behaviour in cyberspace.
The EU has taken a significant step towards this in agreeing to the European Cybersecurity Scheme on Common Criteria (EUCC). This is the first scheme of three and targets IT products such as hardware, software and components.
We can't stop nation-state activity and, individually, we can't significantly influence it. But, we can ensure that we are informed about these threats and influence those closest to us, be that family, friends, the leaders within organisations that we work for or the businesses we buy from.
With AI quickly imposing upon our lives and a general election later this year, security is everyone's responsibility and we must take this seriously.
Want to know more about the threats facing small businesses? Check out our guide to how SMEs are handling cybersecurity during a cost of living crisis.?