Global network security company, FireEye, has released a report titled World War C: Understanding Nation-State Motives Behind Today’s Advanced Cyber Attacks which describes the international and local characteristics of cyber attack campaigns waged by governments worldwide.
FireEye provides automated threat forensics and dynamic malware protection against advanced cyber threats. According to the company’s website, the FireEye platform provides real-time, dynamic threat protection without the use of signatures to protect an organisation across the primary threat vectors, including Web, email, and files and across the different stages of an attack life cycle.
“Cyber weapons are being used as an advantage in real-world conflict,’ FireEye senior global threat analyst, Kenneth Geers, said. “Regions have their own set of cyber weapons, which they will use to their advantage when it comes to a conflict or to help their allies.”
Cyber attacks have proven themselves as a “low-cost, high-payoff way to defend national sovereignty” and to project national power. Various global regions present key characteristics for cyber attacks, with Asia Pacific home to large, bureaucratic hacker groups, such as the “Comment Crew” who pursues targets in high frequency, brute-force attacks.
Russia and Eastern Europe face cyber attacks that are technically advanced and highly effective at evading detection. Cybercriminals in the Middle East are dynamic, often using creativity, deception, and social engineering to trick users into compromising their own computers. The United States faces the most complex, targeted and “rigorously engineered cyber attack campaigns” to date.
“The biggest challenge to deterring, defending against, or retaliating for cyber attacks is the problem of correctly identifying the perpetrator,” Naval Postgraduate School professor, John Arquilla, said.
“Computer viruses, worms, and denial of service attacks often emanate from behind a veil of anonymity…the best chance to pierce this veil comes with the skilful blending of forensic “back hacking” techniques with deep knowledge of others’ strategic cultures and their geopolitical aims.”
FireEye’s report indicates a number of factors that could change the world’s cyber security landscape in the near to medium-term, including a cyber arms treaty that could stem the use of cyber attacks, increased focus on developing evasion methods that bypass detection, and privacy concerns from the PRISM which could restrain government-sponsored attacks in the U.S and globally.
“A cyber attack, viewed outside of its geopolitical context, allows very little legal manoeuvring room for the defending state,” Marshall Center professor, Thomas Wingfield, said. “Strategic attribution – fusing all sources of intelligence on a potential threat – allows a much higher level of confidence and more options for the decision maker.”