News
Recent cyber attacks show increased nation state activity, says former NSA Director
March 2021 by dmiral (ret.) Michael S. Rogers
Cyber attacks launched by nation states are becoming more proficient and more aggressive. This was the message from Admiral (ret.) Michael S. Rogers at the NetDiligence Cyber War Webinar Series.
Speaking at the online event, Admiral Rogers, the former Director of the National Security Agency and Commander of US Cyber Command who is on the board of directors at cyber risk analytics specialist CyberCube, said that the breadth of activity by states including Russia and China had increased following a lull after the impact of 2017’s allegedly Russian ransomware attack, NotPetya. He also stated that the boundaries between nation states and criminal gangs were blurring as some states employed organised cyber criminals to launch attacks on their behalf.
Talking about the recent resurgence of nation state-inspired cyber-attacks, Admiral Rogers said: “We went through a period between about 2011 and 2017, during which nation states increased levels of activity. This includes the NotPetya hits in the summer of 2017, probably the largest global event we’ve ever seen. And after that, given its repercussions, there seems to have been a bit of a step back.”
Admiral Rogers said in the following three years, the breadth of activity has changed with the SolarWinds attack in December 2020 and the attack on Microsoft Exchange this month both arguably evidence of increased nation state activity.
Admiral Rogers added: “You’re seeing criminal groups share tools, and you’re seeing the lines between nation state and criminal group blur a little bit. The Russians in particular, often tend to use criminal groups to engage in state-associated activity. This proliferation of tools is creating a challenging environment.”
Admiral Rogers touched on a variety of topics including cyber war definitions and when a nation state might define an event as criminal activity. Focusing on the impact of COVID-19, he noted that the nature of working from home meant that traditional approaches to cyber security had been rendered partially redundant as infrastructure is shared with family.
“We’re not all sitting behind a central security stack right now. Now we’re dispersed,” he explained. “We’ve blurred the lines between what is ‘business infrastructure’ and what is ‘personal infrastructure’. The bottom line is the attack surface is just proliferated as a result.”
Admiral Rogers was speaking to Darren Thomson, CyberCube’s Head of Cyber Security Strategy. CyberCube is one of the sponsors of NetDiligence’s Cyber War Webinar Series.
