Dark Reading is part of the Informa Tech Division of Informa PLC


6/2/2021
10:00 AM
Adam Darrah
Commentary

Chaos for the Sake of Chaos? Yes, Nation-States Are That Cynical

Many nation-state-backed attacks are intended to destabilize the US government, not steal from it.

We're hearing more and more about cyber-espionage activity launched by nation-states, but this doesn't necessarily mean these cyberattacks, hacks, and disinformation campaigns are happening more often. Cyber-enabled operations by criminals, nation-states, and curious dilettantes have been constants that are increasingly reported, examined, and weaponized. Furthermore, reports often place cyber espionage, hacks, data breaches, and influence campaigns under the "cyberattack" umbrella, which conjures up the feeling that individuals, communities, and nations are under perpetual attack by hostile external forces.

By clarifying the difference between cyber-intelligence operations and hacking, we can better understand espionage and the motives of US adversaries:

  • Espionage is intelligence derived from a technology-enabled, intrusive operation sponsored and executed by a nation-state's intelligence service. It does not necessarily mean that a country has been attacked. All nations seek insight into their adversaries' leadership, military, economic, and political plans and intentions, and use espionage to gain those insights.

  • Hacking is a bit more nuanced. Hacking can be the unauthorized access of another person or entity's technical equipment, systems, or software with intent to do harm. Hacking can also be part of an intelligence operation for the purpose of releasing embarrassing information about a rival country's political elite to destabilize the rival while demonstrating its own virtues.

This juxtaposition is useful in authoritarian-leaning countries where political and economic stability is more fragile. Knowing the purpose of a hack (versus what it did) can help discern if it was an act of war, criminal behavior, a hack-and-dump operation designed to embarrass, or an attempt to infiltrate a group to sow dissent.

But why does this matter to the average person, and what role do citizens play?

Raising Awareness of Nation-State Motivations

It's hard for Americans to imagine that nation-states just want to "watch the United States burn," but our adversaries are that cynical. This also provides them cover. In addition to gaining political intelligence and stealing intellectual property, a lot of cyber espionage is focused on political interference and creating chaos. These campaigns create a sense of "look at what these Americans are about" and aim to build an internal power base with propaganda to showcase a false view of the instability of democracy.

A great example of this positioning is Vladimir Putin's interview with Megyn Kelly in March 2018, which showcased the vast amount of knowledge our adversaries have. Putin seized the moment to message Russian strength at the expense of a smart, well-prepared veteran journalist. Messaging matters, period. Putin also meant to send a message to the United States that it was time to stop the tit-for-tat meddling in each other's internal politics (from the Russian perspective). It was a master's course in Russian messaging.

Another platform for US adversaries is social media, which has become an extremely divisive place. I argue that a lot of the politically charged content being shared online (you know, the totally outlandish posts that you either can't believe or that seem so crazy you think maybe they're true) results from nation-state misinformation and disinformation campaigns.

Misinformation is objectively false information disseminated unintentionally by an unwitting entity. Disinformation is the willful, intentional dissemination of inaccurate or false information with the intention to polarize, propagandize, and deceive a population. From an intelligence standpoint, disinformation is a tool used to interfere in another country's politics. One example is the 2016 presidential election, where nation-states worked hard to keep various ideological camps at each other's throats. Another is 2020, when nation-states made counteraccusations about the "true" origin of the COVID-19 pandemic to keep people confused, scared, angry, and constantly questioning.

Individuals' Role in Combatting Disinformation and Misinformation

Our adversaries' motivations include creating distrust and sowing dissent. So, how can individuals avoid becoming unwitting victims of misinformation that supports our adversaries' goals? One way is to know that if you are reading something extremely hyperbolic, it is most likely false. Take a breath; pause before you believe it, take a minute to digest the information, and don't just click and share it. Algorithms know us and our habits, and adversaries are monitoring that too. Make sure you are doing your research to seek validated news sources to confirm any story you read online.

People should understand that what they know, who they know, and what they have access to matters. They may not feel that they would add value to a nation-state's misinformation campaign, but everything people do matters. Even average people have more access, insight, and connections than they realize.

No one should be complacent in thinking they are off-limits. We are all targets to our adversaries and threat actors, who are extremely sophisticated in understanding American culture. They don't trust our society, and they think we are doing the same things to them. It's time to rethink the rules of the game our adversaries are playing because they are not even on the same playing field as we are.

Adam Darrah is an experienced intelligence analyst, skilled in putting international affairs into cultural and political context. Adam spent eight years working for the US government, coordinating across several federal agencies to fill critical knowledge gaps on national ...
 
