As the world becomes more interconnected through the widespread adoption of technology such as IoT, wearable tech and multifunction networked devices, the corresponding vulnerabilities and security concerns will grow as well. As nations, businesses and individuals increasingly depend upon technological infrastructure to conduct daily operations, the risk associated with denial of service, espionage and data corruption also increases. If redundant security controls are not put into place, this increased dependence creates single points of failure that can be used to disable, deny and destroy assets, resources and capabilities via electronic means. This is a clear example of an asymmetric warfare technique, in that it provides a potentially large effect with a relatively small investment and potentially zero blowback in the case of plausible deniability.
As this interconnectedness and dependence on networked (smart) devices continue to grow, so does the digital knowledge gap between those who create and manage technology and those who simply use it. This knowledge gap extends to government officials and decision makers responsible for dictating policies and practices related to national defense. Without a proper understanding of the evolving digital battle space, one may not even understand the threats and vulnerabilities that exist, or will likely exist if trends continue.
One of the most notable examples of nation state cyber espionage took place between 2014 and 2018, when the Chinese Advanced Persistent Threat (APT-10) group attacked the United States and 11 other countries around the world. The cyber campaign, named CLOUD HOPPER, was focused on infiltrating Managed Service Providers (MSPs), which allow other companies to outsource backend functions such as payroll, human resources and vendor management. Many companies and organizations use MSPs, including the U.S. government, which was the focus of this attack.
APT-10 focused its attack directly on the Managed Service Provider and the customers of the organization. The hackers used methods such as email phishing to gain access to the servers of the Managed Service Provider and then installed malware to get remote access and to steal credentials. APT-10 used the credentials of the Managed Service Provider to gain access to many of its customers, which included the U.S. Navy. The result of this intrusion was that the hackers were able to gain access to the personal information of more than 100,000 U.S. Navy personnel and members of other government agencies.
This example highlights the U.S. Navy’s reliance on a third-party service provider for cloud-based infrastructure. This service allowed the U.S. government to fulfill certain tasks more efficiently and was likely more cost effective. However, this convenience came at a price, which included increased vulnerability. The growing interconnectedness of people, organizations, services and resources opens up new attack vectors that government officials will first need to be aware of, and then create systems to protect against. This, however, is a difficult task due to the ever-increasing attack surface, vulnerabilities and advancements in technology. When cyber warfare activities are considered in relation to globalization, technology dependence and the digital knowledge gap, the result is an environment that is highly primed for the more subtle elements of modern warfare such as information operations, economic warfare and other forms of covert sabotage and subversion.