Page 57 - Cyber Defense eMagazine June 2024
This support may take the form of financial backing, be it funding for attackers or the development of
tools. Alternatively, it may be training and resources, or simply offering a combination of sanctuary and
cover by ignoring the cyberoperations originating within those borders.
The attacks are linked to the political or economic goals of the ‘sponsoring state.’ The most common
objective is to steal intellectual property from businesses in a different country, or simply to influence
public opinion.
However, in more extreme cases, state-sponsored attacks can aim to disrupt critical infrastructure like
power grids or communication systems, or even gain military advantage by stealing information – as
cyberattacks become cyberwarfare.
State-sponsored techniques
With such a strong set of resources, state-sponsored groups often have access to a sophisticated arsenal
of techniques and tactics. However, compared to isolated lone-wolf actors, or indeed small
organised criminal gangs, one aspect that characterises state-sponsored groups is the alignment of
these tools to a particular objective.
For example, if espionage or the theft of sensitive data is a primary objective, state-sponsored groups
have been seen to use:
• Spear phishing: Crafting emails that appear legitimate, tricking targets into revealing information
or clicking malicious links.
• Watering hole attacks: Compromising websites frequented by the target, infecting their computers
with malware when they visit.
• Zero-day exploits: Utilizing previously unknown vulnerabilities in software, often acquired through
targeted attacks on software developers.
However, elsewhere, when trying to cripple critical infrastructure, these groups have employed:
• Denial-of-service (DoS) attacks: Flooding a system with traffic, making it inaccessible to legitimate
users.
• Malware: Destructive software that can delete data, encrypt files for ransom, or disrupt operations.
• Supply chain attacks: Targeting software providers to inject malicious code into their products,
impacting users unknowingly.
Lastly, there has also been an array of techniques used to influence and manipulate public opinion
(typically around political discourse) such as:
• Social engineering: Using social media platforms to spread disinformation, propaganda, or incite
unrest.
• Hacking and leaking: Stealing and releasing sensitive information to discredit opponents or sway
public opinion.
• Botnets: Networks of compromised devices used to amplify fake news and manipulate online
conversations.
As a mark of the sophistication of the thinking behind these techniques, they are even deployed
in different contexts.
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.