A nation-state attack is a calculated cyber-attack either by a foreign government or professional hackers financed by one.
A nation-state attack usually focuses on another country’s government, military, or critical infrastructure. The attacker wants to know what politicians, advisors and influencers are thinking and to use that to influence policy or subvert elections, or to obtain the key codes to start a meltdown or to control infrastructure.
It is all about the idea that knowledge is power. “Know thy enemy and know yourself; in a hundred battles, you will never be defeated” – Sun Tzu.
It is increasingly about exfiltrating data, trade secrets or information from health care, science, enterprises, finance and, well, any sensitive database.
And believe it or not, individuals are now a substantial target – journalists, opinion leaders, and power brokers. Or even relatives and close friends of influential people.
GadgetGuy asked its US Correspondent and resident nation-state security expert Sam Bocetta to tell our readers what this is all about and why we should be concerned.
A nation-state attack is a new form of warfare – spying from the safety of your armchair
In the old days, foreign spies would infiltrate governments and other enterprises. They were sleepers reporting back what nuggets of information they could unearth.
Their tools were simple – phone hacks, break and enter, paid informants, seduction, and blackmail. Today, there are an estimated 10,000 Chinese spies in Washington DC alone and hundreds of thousands embedded in US business. But it is not just China, although it seems to be the most prolific, as it has relentlessly and successfully attacked Australia for over a decade.
Fast forward to the Cold War, where presidents and dictators of questionable sanity had nuclear footballs that could start global genocide. These arms races are now impractical as everyone has them. Weapons of mass destruction do too much physical damage to the country you want to conquer and occupy.
The battle now is purely online
Certain world governments seek an advantage by stealing trade secrets, controlling or planting information, swaying public opinion (fake news), uncovering military and defence secrets, and launching cyberattacks with hefty ransoms to increase their funding. Hell, North Korea’s petty cash economy lives off the latter.
The recent discovery that TikTok’s security flaw is also a gateway for hackers is a prime example of the possibilities of hidden mechanisms for nation-state attacks. No wonder US President Donald Trump recently announced a ban on WeChat and TikTok.
But invariably the attack starts with something as simple as a click-through on a phishing email. Increasingly, though, access comes from a compromised insider – someone who has been indoctrinated, radicalised, blackmailed or threatened. Resistance is futile if your family or loved ones are at risk.
What exactly is a nation-state attack?
A nation-state attack is usually an advanced persistent threat that begins as a ‘zero-day attack’. A ‘zero-day attack’ exploits a flaw found in software before the software’s developers know about it. These types of attacks are very sophisticated and difficult to track.
Aside from cyberattacks that steal from or blackmail users for money, most nation-state attacks are covert. Many nation-state hackers install hidden malware in software. This allows them to quietly monitor information relayed between individuals and companies, potentially for years.
For example, Chinese companies ZTE and Huawei and TCL/Alcatel allegedly acceded to the Communist Chinese Party’s (CCP) request to install spyware in their citizens’ phones to surveil and censor information. Hell, for that matter, any Chinese-made phone could potentially do this.