Methodologies employed in State-Sponsored Hacking

As far as possible, state-sponsored hackers use the standard attack methods used by typical cyber-criminals and penetration testers. These methods are so generic that they can go undetected almost every time and cannot be attributed to any group. They may take the form of phishing emails followed by more recent exploits that the victim may not be educated about.

Commonly, state-sponsored cyberattacks can take the following forms:

– Espionage refers to the act of gathering information illegitimately. Discovering corporate secrets, sensitive political information and other technological infrastructure can help attackers exploit the vulnerabilities of a country's political and financial establishment. Espionage is also known as cyber-spying; it is believed that data theft costs between 25 billion and 100 billion dollars annually in the U.S. alone.

– Physical damage, which could be considered an all-out war if encountered. "When people talk about state-sponsored cyberattacks, we commonly hear about the time before and after Stuxnet", says Anthony Joe Melgarejo, from F-Secure's Tactical Defense Unit. The U.S. and Israel used Stuxnet to damage Iranian nuclear facilities. As opposed to the 'viruses' that came before it, Stuxnet became more than just malware. It inflicted physical damage on computers, not just causing mere data theft or leakage. By 2010, it had infected 200,000 computers and caused 1000 machines to physically degrade in Iran.

– Sabotage is a middle ground between the above two categories: an attack that affects a state's infrastructure but doesn't necessarily cause harm to human life.

– Spreading misinformation is effective in disrupting political opinion within a country, affecting elections, or spreading resentment against groups or governments. State-sponsored misinformation is different from propaganda since its primary goal is to confuse the public and not push a particular ideology.
Dr. Jay Yang, Director of Global Outreach at Global Cybersecurity Institute and Professor in the Department of Computer Engineering, shares insight into what may be the most common yet deceptive type of cyberattack. "There is also hacking that's not necessarily hacking into computers, in the sense that it's more of a social media disinformation campaign," he said. "It affects our way of thinking, decision making or interpreting of facts."

The Challenge Ahead

Determining the reasons behind a state-sponsored cyberattack, or which category to put it in, is an issue engulfed in ambiguity. The likelihood of detection is extremely low, and the success of any concerted effort cannot ever be determined. State-sponsored hacking rarely makes any noise, and incomprehensible damage is already done by the time it may be detected. There are also mechanisms or hidden malware which may remain dormant and undetected for years. These can remain invisible until the victim becomes proactive in identifying and overturning them.

There is no clear road ahead, just that each state or organization has to take proactive steps to regularly audit its infrastructure to identify such threats and deploy the latest cyber security technologies to secure itself.

About SNS

Secure Network Solutions India (SNS) provides a quantifiable, risk-based approach to building corporate cybersecurity based on globally recognized frameworks and standards. We have been protecting businesses for the last 20 years!