Cyber: The Swiss army knife of tradecraft

Posted on by ESET Ireland

In today’s digitally interconnected world, advanced cyber capabilities have become an exceptionally potent and versatile tool of tradecraft for nation-states and criminals alike.

For thousands of years, nations have engaged in espionage, spying on their neighbors, allies, and adversaries. Traditionally, this realm of “espionage” relied heavily on human intelligence, but that started changing in the early 1890s with the advent of technologies like the telegraph, telephone phone and subsequently radio signals intelligence (SIGINT). However, in today’s digitally interconnected world, advanced cyber capabilities have become an exceptionally potent and versatile tool of tradecraft for nation-states and criminals alike, marking a significant evolution in espionage for the 21st century. 

Six advantages of cyber operations 

Cyber capabilities are highly valuable for nation-states pursuing political, economic, and military goals, offering significant advantages at a relatively low cost in terms of resources and risk.

  1. Cyber operations can be stealthy, allowing for undetected access to target systems for data harvesting or covert activities, as seen in incidents like SolarWinds.
  2. They can also be loud and disruptive or destructive, as evidenced in conflicts in Ukraine and the Middle East.
  3. Cyber means are manipulative, useful for influencing scenarios, and increasingly deployed across most continents.
  4. They are lucrative for financial gain, as demonstrated by activities attributed to various cybercriminal groups, some even allegedly affiliated to various countries.
  5. They can be outsourced by encouraging third-party operations as mercenaries or hacktivists willing to undertake these attacks in exchange for money or even for political goals and beliefs.
  6. And they have a high degree of deniability, as it can take time (including overcoming obfuscation techniques) to trace the origin of an attack with absolute confidence. 
cyber-operations-infographic

The cyber domain is also blessed with a variety of tactics, tools, and techniques, buoyed by a thriving dark web market and an endless array of vulnerabilities to be exploited. Moreover, the lack of significant deterrence or punishment for cyber activities adds to its attractiveness for nation-states. 

Global cyber operations and evolving tactics of major nations 

The increasing appeal of cyber capabilities among nations is evident, with many striving to maximize their cyber potential. It is said all countries spy, but some are viewed as going beyond accepted norms. An ever-increasing number of states are developing their own capabilities to conduct cyber operations beyond their borders or target foreign entities, including embassies, international organizations, companies, and individuals, within their own countries.

But when in-house capability is insufficient, or to enhance deniability, some nations resort to the private sector and cyber mercenaries. The number of nations involved in cyber operations could conservatively be over 50 and is growing globally. In fact, according to CERT-EU, there have been 151 malicious activities of interest targeting EU institutions. This global trend underscores the growing significance and evolution of the threat landscape. 

A window into a complex world 

Activities in cyberspace are glimpses into the complexities of geopolitics, and often attacks can only be understood through the lens of political intent. The world’s three great powers are locked in a contest for influence, prosperity, and power. In most regions, there are live conflicts, simmering tensions, political, security, and economic challenges. In this climate of instability, heightened competition, often disillusioned populations, and in a more digitally connected world, cyber is an extremely convenient tool for states to deploy. It is rare nowadays when bilateral disputes do not involve some form of cyber dimension either from state actors, their proxies, or aligned/influenced hacktivists. Whilst some contests in cyberspace between nations are predictable, bilateral spats can also erupt without warning. 

Securing agreement on binding international norms of reasonable state behavior in cyberspace seems unrealistic in the medium term despite efforts by the UN. Faced with this uncomfortable reality, the need for greater international cooperation, policy frameworks, and awareness campaigns to manage and mitigate the risks associated with these malicious activities is becoming more pressing than ever. Building resilience will require a holistic, society-wide approach, as the cyber domain is set to remain a pivotal battleground in an increasingly restive world.

by Andy Garth, ESET

Leave a comment