Economic, geopolitical and diplomatic events are becoming the driving force behind today’s cyber-threat landscape, the effects of which are being felt by organizations around the world.
That’s the assessment from CrowdStrike’s 2015 Global Threat Report, which found that the primary motivation behind global cyber activity has now shifted from disparate activities carried out by individuals, groups and criminal gangs pursuing short-term financial gain, to skilled adversaries driven by strategic global conflicts.
For instance, as the Russian economy faced the possibility of recession due to both the US and EU sanctions stemming from the Ukraine conflict, and as the global price of oil fell, a noted increase in intrusion activity was observed.
“Perhaps in an effort to hedge against these challenges or to gain information to formulate monetary policy, Russia performed broad intelligence-collection campaigns, targeting numerous entities in government, defense and non-governmental organizations (NGOs) in the US, Europe, Asia, South America and the Middle East,” the report found. “The expansion of reconnaissance may have been an effort on the part of the Russian government to seek understanding of changes in oil pricing in order to inform its national economic policies.”
Overall, CrowdStrike expects Russia’s precarious economic state to most likely continue to create an insatiable appetite for the intelligence needed by decision-makers, particularly against targets operating in regional areas of interest and global energy companies.
“Distant geopolitical events occurring in disparate parts of the world are actually creating ripple effects that wash up on the doorstep of industries and companies thousands of miles away in the form of cyber-threats,” said George Kurtz, CEO and co-founder at CrowdStrike. “Business and organizations ignore these geopolitical developments at their own peril if they do not allocate adequate resources and build the capacity needed to protect their information and networks.”
The report also noted the rise of extortion-based criminal operations, including use of ransomware, banking trojans, and exploit kits, along with intelligence-powered social engineering scams, phishing campaigns and more. And, it highlights an uptick in sophistication and scale of terrorism-related hacktivist groups and online censorship in the Middle East.
“The economic downturn and new Five Year Plan in China will continue to drive their state-sponsored cyber espionage activities,” the report noted. “The situation in the Ukraine and falling oil prices will continue to fuel targeted intrusions from Russia. The conflict in the Middle East between Saudi Arabia and Iran over Yemen will continue to generate hacktivism from that region. CEOs and boards of directors who ignore or disregard the ramifications of global events such as these will pay for it in the loss of revenue, jobs, intellectual property, and shareholder value.”
Photo © Kheng Guan Toh