The cyber world has truly become the next geo-political battleground, and everyone is target, says Trevor Reschke, head of Threat Intelligence at Trusted Knight
Throughout the Cold War, terrorism was generally conducted by various anti-communist dictators, soviet sponsored communist groups and anti-democratic Islamic regimes which, for the most part, had a regional impact. Concurrently, significant clandestine efforts between the superpowers led by proxies and ‘advisors’ had a significant impact on global economic, security, and politics. These clandestine efforts, or shadow conflicts, were fought by non-standard forces whose intent was to destabilise countries that held strategic value to the opposing superpower – or to purely harass and distract the other superpower to expend and waste resources. Meanwhile, the world was transfixed on the very public arms race between the East and West.
We now have an entirely new ‘arms’ race, one where participation is not limited to the superpowers, but can also be joined by rogue nations, terrorist organisations and criminal elements. These groups engage in direct overt and clandestine activities, directly and indirectly supporting fringe governments with mercenary services to further their criminal, political and ideological goals.
We have entered an age where the risk, time, resources, and funding for traditional methods or operations provide significantly less return on investment than cyber efforts. In fact, the new cyber paradigm has the potential to cause significantly more damage to a target’s economic, political, financial, security and defence systems than any traditional method. However, the terror aspect has not materialised in quite way we usually imagine it. Traditional terrorism has been seen to require significant loss of life to be effective. When it comes to cyber, the countries who possess the capabilities to carry out such an attack are unwilling to risk providing that access to fringe elements, even in a remote government thanks to the potential global repercussions of those capabilities.
The invisible and untraceable threat Much like the arms trade business, there are mass produced cyber weapons that usually originate from one of the super powers. It’s now common to see malicious code that has been modified over time, but its heritage can be traced back to a handful of Russian criminal software developers. This malware is often bought by different criminal elements – from teenagers in their bedrooms to nation states – and adapted to specific needs, often to the point where whole new families of malware are born. By using known, serviceable malicious code the attacker gains a significant level of covert status as the attribution is near impossible, especially when the target faces many threats.