TEISS speaks with Jing Xie, senior threat intelligence analyst for Venafi, about the cyber warfare stage and how nation states play their various cyber parts.
Jing explains that in many ways, how nation states act in cyber space is an extension of what’s happening in the physical world. Since 2005, Cyber tools have been incorporated in nation states' defence as an effective, indispensable and strategic asset and their cyber behaviour reflects their nation's personalities.
Jing states that an important element to understanding cyber warfare is to analyse their distinct characteristics. Countries which are believed to have the most advanced cyber warfare capabilities include the United States, China, Russia, Israel, Iran, North Korea and the United Kingdom.
Also of interest: WannaCry...one year on
So how do these countries differ in their cyber personalities and tactics?
China: the economic hacker
Jing explains that the Chinese are covert, clever, patient and mostly concerned with economic issues in their cyber behaviour. Xi Jinping is strategic in his deployment and operations and cares about anything that threatens the progress and advancement of China's economy.
Russia: the political hacker
Russia's hacks are very political and an obvious extension of what’s happening in the physical world. Jing believes that Russia’s power grid cyber attack on Ukraine in 2015 - which shut down Ukraine’s power grid, cutting off power from millions of people for an extended period of time - was politically motivated. Russia’s aim was to exert influence and attack geopolitical enemies in Ukraine. Jing adds that Russia wants to be recognized as the superpower, as they once were, and to demonstrate to the world that they shall not be forgotten. In contrast to President Xi, President Putin thinks impulsively. Many expect that the Ukraine attack was just a rehearsal and the main target will be the USA in the foreseeable future. As political tensions grow between the U.S and Russia, after the tit-for-tat expulsion of diplomats - we will see this extend to the cyber world.
Also of interest: The Verizon 2018 Data Breach Report
United States of America: the superpower hacker
They want dominance and control and to maintain their superior position in the world.
Israel and Iran: duo-political hackers
Israel and Iran are in a duopolitical hacking matchup, observing each other closely. The US is occasionally involved in the conflict against Iran. Interestingly neither have hacked China or Russia because they are not involved in a duo-political conflict.
The United Kingdom: the watchful hacker
They are just watching, secretly developing their capabilities. The U.K. tries to stay away from all the attacks and are in the defensive position.
Also of interest: Interview with Raef Meeuwisse, author of Cyber Security for Beginners
North Korea: the bank heist Hacker
The new comer on the cyber scene, most of North Korea’s hacks have been for political and monetary gain. Jing highlights that almost all the cryptocurrency exchanges attacks in South Korea and Japan were launched by North Korea. North Korea differs to the other nation states who devise and plan their attacks carefully before launching, making them difficult to attribute. North Korea, however, like ISIS, stands out and claims the attack. This might be deliberate, but also due to their unsophistication in the domain. North Korea has not matured their weaponry, processes and infrastructure, thus making their attacks and the intentions behind them easily discovered. It’s clear they want money; the more, the better.