Authoritarian regimes have learned in recent years that cybercrime can be a profitable economic enterprise – so much so that they continue to invest substantial resources in large- and small-scale cybercrime. This lucrative work goes on to fund their governments and their lavish lifestyles, among other things.
These nefarious nation state actors – North Korea, Iran, Russia, and China – all steal large sums of money by targeting Western infrastructure, private and public organizations, and sometimes even outspoken entities that speak openly against each of them. Furthermore, these nation state actors have long seen the West as an existential threat on the global stage for a multitude of reasons, especially in the realms of economy, infrastructure, intelligence and military affairs.
Economically, the battle between communism and capitalistic agendas rages on, with stiff competition between Eastern and Western technology, energy, manufacturing, and more. For example, China uses its global Belt and Road Initiative (BRI), under the guise of helping struggling economies, to gain influence, essentially creating debt traps for unsuspecting countries. Meanwhile, maritime power has reemerged as a vehicle for control and for asserting dominance over disputed territories (referring to China’s ambitions for Taiwan and for controlling parts of the Pacific, so far an icy stalemate). Conflicts are also being fought on land, as seen with Russia’s invasion of Ukraine and Iran’s continued tensions with Israel and the U.S. regarding its nuclear agenda.
The Link Between Cybersecurity and Geopolitics
With this gradual increase in global cyber competition, it is no wonder that nation states continue to invest in cyber infrastructure and predominantly fight in the cyber world. Many are correct to believe that cybersecurity and geopolitics are directly linked. If anything, businesses have learned this lesson the hard way. Being a private-sector, multinational organization does not make a business invincible to an enemy nation’s ransomware and cyberattacks. Or better yet, a private business operating abroad becomes a target for spyware (China BRI and cyber giant Huawei) out of the suspicion that it is harboring its home country’s government secrets and holds “the keys to the castle.”
Overall, despite a nation state’s obvious agenda for zeroing in on military and government targets, such adversaries have become bolder and less dismissive of attacking private businesses, regardless of that company’s allegiance to serving consumers internationally. For example, many have lately pointed fingers at Russia for recent attacks on American companies as big as Microsoft, Apple, Cisco, etc., and have named it as the true culprit behind the SolarWinds fiasco in 2020.
As Dangerous as the Wild West
Due to such actions, the cyber world is now as dangerous as the Wild West. The question is, how are businesses and everyday citizens supposed to live while being caught in the chaotic influx of criminalistic and outlaw-ish rivalry?
The answer is: They do not. Cybersecurity has become a constant in daily life, and enemy nation states are part of the reason why. Every day, another business is on the news because it has been hacked by foreign threat actors who, with sophisticated and unsophisticated techniques, manage to destroy the finances, ambitions, and public reputation of a once-respected economic contributor.
Looking back 10 years, it would have been hard to believe that extraordinary measures (such as firewalls, multi-factor authentication, intrusion detection and prevention systems, etc.) would now need to be implemented to defend against malicious advanced persistent threats (APTs). However, business today means realizing that nobody is safe. It does not matter anymore what industry an organization belongs to or what product it peddles.
Unfortunately, businesses across the globe are not safe from APTs, regardless of industry, sector or affiliation. APT tactics, techniques and procedures (TTPs) continue to advance, and so should business TTPs when protecting against threats.
Therefore, every private institution needs to align its policies to thinking “security first.” While most businesses have IT departments, many still lack a well-trained and sophisticated cybersecurity team within their organization. Such changes for a more secure network and security structure need to be made, as well as recruiting the people who can do the job effectively (not just a one-person team). If companies fail to get started before it is too late, most of the world will find themselves at the mercy of cyber outlaws and APTs.
This post was authored by the Cyber Threat Analyst Team: Al Martinek, Corey Sinclair and Taylor Ellis.