Cyber-attacks launched by nation-states are becoming more proficient and more aggressive. This was the message from Admiral (ret.) Michael S. Rogers at the NetDiligence Cyber War Webinar Series. Speaking at the online event, Admiral Rogers, the former Director of the National Security Agency and Commander of US Cyber Command who is on the board of directors at cyber risk analytics specialist CyberCube, said that the breadth of activity by states including Russia and China had increased following a lull after the impact of 2017’s allegedly Russian ransomware attack, NotPetya. He also stated that the boundaries between nation-states and criminal gangs were blurring as some states employed organised cybercriminals to launch attacks on their behalf.
Talking about the recent resurgence of nation state-inspired cyber-attacks, Admiral Rogers said, “We went through a period between about 2011 and 2017, during which nation-states increased levels of activity. This includes the NotPetya hits in the summer of 2017, probably the largest global event we've ever seen. And after that, given its repercussions, there seems to have been a bit of a step back.”
Proliferation of cyber-attacks
Admiral Rogers said in the following three years, the breadth of activity has changed with the SolarWinds attack in December 2020 and the attack on Microsoft Exchange in March both arguable evidence of increased nation-state activity. Admiral Rogers added, “You're seeing criminal groups share tools, and you're seeing the lines between nation-state and criminal group blur a little bit. The Russians in particular, often tend to use criminal groups to engage in the state-associated activity. This proliferation of tools is creating a challenging environment.”
Admiral Rogers touched on a variety of topics including cyberwar definitions and when a nation-state might define an event as criminal activity. Focusing on the impact of COVID-19, he noted that the nature of working from home meant that traditional approaches to cybersecurity had been rendered partially redundant as infrastructure is shared with family. “We're not all sitting behind a central security stack right now. Now we're dispersed,” he explained. “We've blurred the lines between what is business infrastructure and what is personal infrastructure. The bottom line is the attack surface is just proliferated as a result.”
- Network / IP
- Industrial security
- Commercial security
- Private sector security
- Public sector security
- Security management
- Security monitoring system
- Network monitoring
- Remote video monitoring
- Public security
- Industrial security systems
- Industrial surveillance
- Cyber security
- Corporate Security
- Data Security
- COVID-19
