Armed Conflict Draws Closer as State-Backed Cyber-Attacks Intensify

The world is coming perilously close to nation states retaliating against cyber-attacks with conventional weapons, according to a new HP report.

The study, Nation States, Cyberconflict and the Web of Profit, was compiled by University of Surrey senior lecturer in criminology, Mike McGuire, from publicly available reports into state-sponsored attacks and interviews with scores of experts.

It claimed there has been a 100% increase in “significant” state-backed attacks between 2017-20, and an average of over 10 publicly attributed attacks per month in 2020 alone.

Although the largest number (50%) featured surveillance tools, a worrying 14% were focused on damage or destruction, while more than 40% had a physical and digital component.

Most (64%) of the experts McGuire consulted during his research claimed the escalation in tensions last year were “worrying” or “very worrying.”  

Factors such as increased weaponization and the readiness of governments to define network attacks as “acts of war” are moving the world into a “dangerous stage” — closer to what the report dubs “advanced cyber-conflict” than at any time since the digital age began.

This phase is defined by nations engaging in repeated digital attacks, an increased focus on physical assets and “potential use of conventional weapons” to strike back after cyber-attacks, the report noted.

The research also revealed how the lines between nation state and cybercrime attacks are increasingly blurring.

It claimed that 10-15% of dark web vendor sales now go to “atypical” purchasers including state actors looking to stockpile zero-day exploits. In addition, half (50%) of nation state attacks now feature low-grade tools bought from the cybercrime underground, while just 20% involve custom malware and exploits built in-house.

What’s more, a majority (58%) of experts consulted for the report claimed it’s becoming more common for governments to recruit cyber-criminals to carry out attacks, and even more (65%) said some nation states launch attacks to generate revenue.

McGuire argued that cybercrime economies are shaping the character of nation state threats.

“There is also a ‘second generation’ of cyber-weaponry in development that draws upon enhanced capabilities in computing power, AI and cyber/physical integrations. One such example is ‘Boomerang’ malware, which is ‘captured’ malware that can be turned inward to operate against its owners,” he explained.

“Nation states are also developing weaponized chatbots to deliver more persuasive phishing messages, react to new events and send messages via social media sites. In the future, we can also expect to see the use of deep fakes on the digital battlefield, drone swarms capable of disrupting communications or engaging in surveillance, and quantum computing devices with the ability to break almost any encrypted system.”

While most experts (70%) argued that an international treaty is needed to prevent further escalation in cyber-conflict, the majority said this would take years to achieve, and a third (30%) claimed it would never happen.

What’s Hot on Infosecurity Magazine?