State-sponsored cyber threats on the rise

FireEye warns of the escalation of nation-state cyber attacks

Tags: Cyber crimeFireEye (
  • E-Mail
State-sponsored cyber threats on the rise Ray Kafity, regional sales director MEA of FireEye.
By  Ray Kafity Published  March 25, 2013

Reports of a co-ordinated cyber attack on South Korean banks and broadcasters - along with yesterday's news of Nato's new manual around cyber warfare - evidences the fact that nation-state attacks are increasing in their prevalence.

These latest attacks on South Korea, for instance, have immediately provoked suspicion that the attack originated in North Korea due to ongoing political tensions.  According to reports, national broadcasters KBS, MBC and YTN were affected by an unexplained halt to their computer networks, which disrupted broadcasts.  The attack also appears to have affected banks in South Korea, with Shinhan Bank and Nonghyp Bank reporting breaches to their systems. 

This follows the release of a new Nato handbook, which aims to define rules around cyber warfare.  The manual warns governments to refrain from launching attacks on hospitals and nuclear plants, and defines a cyber attack as one that is "reasonably expected to cause injury or death to persons or damage or destruction to objects.  The legislation warns against attacks on critical infrastructure, "even when [the targets] are military objectives" due to the potential for widespread loss of life.  Nato's attempts are undoubtedly to be advocated, but whether or not the manual can realistically be enforced is yet to be seen.  The handbook is the first attempt of its kind and was produced by a team of 20 legal experts working for Nato's Co-operative Cyber Defence Centre of Excellence (CCDCOE) in Tallinn, Estonia.   The CCDCOE centre - which Britain is expected to join later this year - was itself established in 2008 in response to a series of cyber attacks on Estonia, thought to be state-sponsored and originating from within Russia.

The alleged state-sponsored attack on South Korea at the hands of North Korea highlights the need for international co-operation and more robust defences, in order for nations to be better equipped to concurrently protect their national interests from attack, while avoiding any unwarranted suspicion themselves.  A recent study by the Korea Internet Security Centre warned that North Korea was in the process of training a team of cyber hackers to undertake a devastating attack on the South's critical infrastructure. These fears of a further attack on South Korea highlight the fact that nation-state attacks are highly complex and well financed, making it extremely challenging for bodies such as Nato to intervene.

Indeed, while Nato's attempts to tackle the escalating issue of cyber warfare are certainly to be welcomed, the new set of rules are unlikely to provide a ‘blue sky solution' to the fast evolving threat landscape.  Indeed, we expect Nato will face much difficulty defending these protocols, as cyber criminals have long been able to hide behind false identities and cover all trace of their illegal activity.  The sheer level of sophistication of today's cyber attacks has increased exponentially in recent times and as a result it is likely to prove a considerable challenge for Nato to uphold its new set of regulations against the wave of next-generation hackers, who are now armed with highly advanced and targeted malware.

It appears that first- and second-world countries are beginning to wake up to the realities of the evolving threat landscape and the wave of nation-state attacks.  However, despite the increased awareness, much more is needed to be done to ensure that nations, governments and organisations are as robustly protected as possible, particularly as Nato's attempts to lay down the law will be extremely difficult to enforce.  Nations and organisations with critical infrastructure to protect, along with other valuable assets including intellectual property and so on, must be mindful of the limitations of traditional security tools as well as the emerging legislation designed to mitigate the threat.  Quite simply, with the cyber threat set to escalate, the UK - along with other nations worldwide - must now proactively address security with immediate effect.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code