Nation state cyber-attacks are becoming more frequent and varied in their nature and moving closer to a point of ‘advanced cyberconflict’ than at any time since the inception of the internet, according to a new study.

The academic research sponsored by HP and led by Dr. Mike McGuire, senior lecturer in Criminology at the University of Surrey found that there has been a 100 per cent rise in ‘significant’ nation state incidents between 2017-2020.

Analysis of over 200 cybersecurity incidents associated with nation state activity since 2009 also shows the enterprise is now the most common target (35 per cent), followed by cyber defence (25 per cent), media and communications (14 per cent), government bodies and regulators (12 per cent), and critical infrastructure (10 per cent).

The research also explored the evolving threat landscape of the dark web, and drew upon consultations with leading cyber security, intelligence and government experts.

The analysis suggests there have been clear escalation in tensions surrounding cyber security, supported by increasingly complex structures that intersect with the underground cybercrime economy – referred to in the report as the ‘web of profit.’

A total of 75 per cent of the expert panel consulted for the report said that COVID-19 presented a ‘significant opportunity’ for nation states to exploit disruption.

In 2019 there was a 78 per cent rise in supply chain attacks overall, while in 2020 over 27 supply chain attacks could be associated with nation state actors.

Over 40 oper cent of the incidents analyzed involved an attack upon assets that had a physical, as well as a digital, component – for example, an attack on an energy plant – an attack style labelled as ‘hybridization’.

The tactics used by nation states to acquire COVID-19-related IP data appear to have been road-tested by cybercriminals, which is characteristic of the way nation states have become beneficiaries of and contributors to the ‘web of profit’ that constitutes the cybercrime economy.

Commenting on the findings, Dr. Mike McGuire, senior lecturer in criminology at the University of Surrey saidL “When we look at nation state activity through the lens of this report, it comes as no surprise that we have seen such an escalation over the past year; the writing has been on the wall for some time.”

“Nation states are devoting significant time and resources to achieving strategic cyber advantage to advance their national interests, intelligence gathering capabilities, and military strength through espionage, disruption and theft. Attempts to obtain IP data on vaccines and attacks against software supply chains demonstrate the lengths to which nation states are prepared to go to achieve their strategic goals.”

To de-escalate cyber-tensions and prevent nation states from being drawn into further acts of cyberconflict, 70 per cent of the expert panel said it is necessary to create a cyberconflict treaty.

“Any prospect of a cyber-treaty will depend on two key factors: scope and consensus,” said Dr. McGuire. “Any treaty would need to specify the parties included, the range of jurisdictions involved and the activity it would cover. Nation states also need to agree on the principles that would shape any cyber-treaty, such as weapons limitation. But these factors can be hard to define and achieve – just look at the recent proposal for a cybercrime treaty put to the UN. While the proposal did pass, 60 members voted against it and 33 abstained. A lack of international consensus would make any cyber-treaty unlikely to succeed.”

Share Story: