Why we need to take the threat of cyberwarfare seriously [Q&A]
The age of what might be called the hobbyist hacker is long gone, replaced by a much more serious trend towards organized crime and nation states being behind hacking and cyberattacks.
In an era where data can be weaponized, both businesses and governments need to take the threat seriously. It's important for security teams to understand how attacks are carried out and the motivations that lie behind them.
We spoke to Jon DiMaggio, author of The Art of Cyberwarfare, to find out more about the current threat landscape and how to deal with it.
BN: When did 'cyberwarfare' first start to become a major problem?
JD: Cyber espionage campaigns against the United States began in the early 2000s and have progressed over the past two decades. China was one of the first nations to realize the advantages and benefits of incorporating cyber warfare into their military doctrine. Many other nations, such as the United States, Russia, and Iran, amongst others, have invested time, money, and human capital into cyber warfare and made it a key component of military and government operations.
BN: Is the main motive of attacks financial or to cause disruption?
JD: There is no 'main' motive as the objectives behind nation-state cyber campaigns change based on the nation's goals and the political climate. Often geopolitical influences change and directly affect the specific targets and motivations of the state orchestrating the attacks.
BN: How big is the wider risk to infrastructure like electricity grids?
JD: As we saw in 2021, when cybercriminals took down Colonial Pipeline, resulting in a fuel shortage across the US, our critical infrastructure is at risk from cyber threats. While the problem is getting better, we are far from having the hardened, secure infrastructure necessary to protect the critical services we rely on for day-to-day life. Let me put it this way: if criminals with far fewer resources than a state-backed threat can stop fuel distribution across the east coast of the United States, a nation-state could do the same on a much larger scale.
BN: President Biden recently signed an executive order on cybersecurity. Have governments been too slow to react to issues like supply chain security?
JD: It is good we are taking action to make government and critical infrastructure protection a priority, but it should not have taken a significant incident to drive the effort. I addressed this issue directly with the United States Senate in 2013 when we found state actors in energy-related critical infrastructure. Due to a lack of funding, the Senate took no action. This problem is not new; it is just getting attention now since criminals significantly inconvenienced Americans by disrupting our access to fuel.
BN: How big a role will technology like AI have in combating threats in future?
JD: The formula to defeat advanced threats such as nation-state and ransomware criminals combines AI and human threat hunters. AI is fast and can adapt to the ever-changing tactics used by advanced attackers. Traditional defenses work against conventional threats, but advanced threats with a human behind the keyboard often defeat these defenses. Human threat hunters working to identify and confirm the threats found with AI-based defenses is the most effective way to defeat these threats.
DiMaggio's book is available in print and ebook form direct from the publisher No Starch Press or from Amazon.