Hackers come in all shapes and sizes. Often when IT professionals who work in the private sector talk about what they do for work to others, they are met with questions about hackers in a basement or a criminal organization motivated by Bitcoin. It is true that these two types of adversaries are an issue for the IT security professional that works independently of the government. However, just like the three-letter agencies of the United States, we should be paying attention to state actors, too.
China, Russia, Iran, and North Korea (among others) constantly seek to execute cyber-attacks and intelligence collection campaigns against the United States and its private companies. True, this can be for militaristic advancement and poise but it is also largely for economic advantage, particularly when it comes to the Chinese. China is currently on a 5- year plan to advance their country economically by way of being at the forefront of Artificial Intelligence (AI) technology and other leading technologies. Just this year, China has targeted 27 US universities as part of a mission to steal naval technology and launched an attack against the US pharmaceutical company Bayer to steal sensitive intellectual property.
In 2019 we learned from security researchers that Iran has been targeting telecom and travel industries to gather personal information on people in the US, Europe, Middle East, and Australia since 2014. Additionally, the US disrupted a North Korean plot to target companies in the media, aerospace, financial, and critical infrastructure sectors this year. From the outset of 2019, the US alone has seen 11 significant cyber incidents executed by Russia, China, Iran, UAE, and North Korea. 39 significant cyber-related incidents have been exercised by the same actors this year against the US and its allies. It is only June and this is information is exclusively public, so there is certainly more that have not been disclosed.
For the IT security professional in the 21st century, it is increasingly important to keep an eye on international affairs. What motivates a state actor, as well as any other actor, can greatly influence how an IT security professional does their job. The data and patterns of significant cyber incidents on private US companies consistently tells us that the risk is great enough to be a motivator in hiring an IT security & audit team and for that team to be actively aware of the threat.
It is equally important to the customer as it is to the IT security team to look at the information they have and decide if they are a likely target. They must ask themselves if their industry is high-risk, or if their company is high- risk, for cyber-attacks by state actors. Almost always, the answer will be yes, because somebody somewhere will always want the information you have. A designated IT security team cognizant of every type of actor, no matter the industry they do their job for, is paramount for effective information security.
Reference:
Significant Cyber Incidents. (2019, May). Retrieved May 29, 2019, from https://www.csis.org/programs/cybersecurity-and-governance/technology-policy-program/other-projects-cybersecurity
