In today’s interconnected world, it’s more likely that politics and social unrest the world over could have significant impact on today’s digital business. That’s according to Flahspoint’s Business Risk Intelligence Decision Report, which took a midyear look at the methods, motives and moves of nation-state actors.
“The relatively quiet first six months of 2018 could turn on a dime as midterm elections loom, tense relations in the Middle East persist, the U.S. leaves the Joint Comprehensive Plan of Action (JCPOA), sanctions against Iran tighten, and numerous other dramatic geopolitical developments continue to arise,” the report stated.
The report analyzed trends and indicators in threat actor reactions to, and prioritization of, activities with regards to global events and dynamics. From that analysis, Flashpoint developed a six-tiered capability and potential impact scale, with the sixth tier potentially having what the company defined as a catastrophic impact.
Results of the analysis rank China and Russia at a Tier 6 – the greatest threat – across most verticals, with the exception of retail. Though state-sponsored cyber activity coming from Russia has been quiet thus far this year, “the apparent lack of cohesion between Europe and the US in dealing with Russian offensive cyber tactics may server to embolden Russia to continue expanding its cyber operations,” according to the report.
Activity from state-sponsored actors in China remained potent threats to private companies and government institutions. China has continued its internal crackdown on anonymity while increasing scrutiny of online activities and foreign corporate interests. In addition, The National Cybersecurity Law has driven cyber-criminals to either cooperate with authorities or move farther to the fringes in tools and techniques.
Also rated as potentially having a catastrophic impact is the intelligence-sharing arrangement between several Anglophone countries known as the Five Eyes. The report defines the Five Eyes as the group that “collectively represents the pinnacle of cyber capabilities related to cyber espionage and destructive or disruptive attacks."
"Yet they are not traditionally considered threat actors to Western entities," the report states, "because their activities are generally undertaken in support of national security objectives rather than for commercial or economic gain.”