State-sponsored cyberattacks have been increasing across the world but countries are choosing to remain quiet about the threat they face, Eugene Kaspersky, CEO of the eponymous cybersecurity firm Kaspersky told Al Arabiya English.
Reports of state cyberattacks have been rising in recent years. In one example earlier this year in June, Australian Prime Minister Scott Morrison said a “sophisticated state-based cyber actor” had targeted the government. Meanwhile, the US has regularly accused China of state cyberwarfare tactics, most recently linking Beijing to attacks on the Vatican in the lead up to talks between China and the Roman Catholic Church on stablizing relations.
“I’m afraid there are many incidents, cyber incidents, that are happening and simply the nations are keeping silent. They don't speak about this,” Kaspersky said in a wide-ranging interview last month with Al Arabiya English.
Kaspersky noted that cyberattacks, both criminal and state sponsored, have been growing exponentially in sophistication and volume over the past two decades.
“The sophistication of cyberattacks are growing all the time … Every day, we collect more than 300,000 new malicious applications – 300,000 new applications which we never saw before, every day,” he explained.
Meanwhile, governments have been taking to the cyber realm to conduct clandestine operations – often for longer than commentators had previously realized, Kaspersky said.
“State-sponsored attacks are not really new, because it's been happened since the early 2000s and we simply didn't recognize it. We thought it just was malware, and then these espionage campaigns they were getting more and more complicated,” he said.
Cyber sleuths stumped
Tracing these campaigns represents a challenge and it can often be difficult for security experts to find the source of an attack. Experts are frequently left looking for cyber “fingerprints” which can help identify the attacker, Kaspersky said. Examples of these might be the time of day of the attack – which can help point to which timezone the attackers are operating in – or the language used in the coding of the attack.
“[Cyber espionage] mostly speaks three languages. Native English, some from the Atlantic zone, native Russian, which is not so much active during the Russian holidays, and simplified Chinese, which typically are not active during the Chinese holiday weeks,” Kaspersky explained, without pointing to any individual state actors.
No smoke without fire
Governments tend to keep their cyberwarfare capabilities secret, should they need to unleash them in a cyber war in the future, which is partly why cyberattacks usually remain clandenstine.
“It’s top secret. We don’t have any access to this data simply because there’s the difference between traditionally kinetic weapons and a cyber weapon in that a cyber weapon is only a one time use weapon because if you demonstrated it, then everyone will patch their systems. It is not like a type of machine gun which could be used for decades,” Kaspersky said.
An increasing part of the world is reliant on technology, including critical public infrastructure such as power grids or transportation. The threat of a cyberattack could potentially hit nearly every aspectof modern life, and with nation states engaged in ongoing warfare, the threat is closer than ever before.
Last year, Venezuela suffered from repeated, and as yet unexplained, blackouts,with the power grid going offline for days at a time. Kaspersky has a simple answer for explaining how to examine attacks such as these:
“My first question when something like this happening is ‘are there any reports about smoke and fire?’ If no, then it’s a cyberattack,” he said.