Analysis | The Cybersecurity 202: The United States is still number one in cyber capabilities – The Washington Post

This article was published more than 1 year ago
with Aaron Schaffer
The United States remains by far the world’s most cyber-capable nation with no major competitors for the title.
That’s the conclusion from a mammoth 182-page report released today by British think tank the International Institute for Strategic Studies that reviews the cyber capabilities of 15 of the world’s biggest players in hacking and digital defense. The report assesses both government and private-sector capabilities.
The report relegates the most troublesome U.S. adversaries, Russia and China, to a second tier of cyber powers. That group also contains the United Kingdom, Canada, Australia, Israel and France. 
However, China’s rapid digital development and its growing slate of technology firms make it “the only state currently on a trajectory to join the U.S. in the first tier of cyber powers,” the authors warn.
The report marks a major endorsement for U.S. cyber capabilities, which have been called into question by a string of major cyberattacks by Kremlin-linked hackers and Russia-based cybercriminals. It also comes as U.S. officials are struggling to temper the global growth of Chinese tech firms, which they fear could give Beijing a critical edge in cyber competition. 
“China has made significant progress in bolstering its capabilities since 2014, but nowhere near enough to close the gap with the U.S.,” said IISS Senior Fellow for Cyber, Space and Future Conflict Greg Austin. “The main reason is the relative standing of the two nations’ digital economies, where the U.S. remains far advanced despite China’s digital progress.”
American companies and government agencies are being pummeled by less capable nations — including not just Russia and China but also Iran and North Korea. And U.S. government hackers are less likely to punch back because they’re trying to follow rules of good behavior in cyberspace that their adversaries ignore, according to the report. 
“The ways in which the U.S. wields its cyber power appear politically and legally constrained when compared with its main cyber adversaries,” the report notes.
It adds that “factors have combined to give the adversaries of the U.S. an edge in the use of unsophisticated cyber techniques that are aimed at subversion but pitched below the legal threshold for an act of aggression that might justify an armed response.”
In other words, U.S. officials can’t legally justify responding to most adversary hacks by counterpunching with traditional arms or cyberattacks. But more measured responses, such as economic sanctions and indicting hackers, have done little to deter adversaries. 
IISS places Iran and North Korea in a third tier of cyber capability along with India, Japan, Indonesia and Malaysia. 
That dominant position is due to many factors including:
But they’re far ahead of those U.S. allies when it comes to launching offensive hacking operations. 
“In their development of offensive cyber mass, the scale of their respective operational experience, their proven reach on cyber espionage and the clarity of their political direction and doctrinal thinking, China and Russia probably surpass all other states except the U.S.,” the report states. 
The most important factor for a country’s overall cyber capability is having a cadre of domestic companies focused on information and communications technology that can develop cyber expertise, the report finds.
That’s what gives China, with its raft of growing tech and telecoms firms, the best chance of challenging the United States’ top-tier position. 
It also means tech-savvy Japan is most likely to move into the second tier, despite being relatively weak in cyber capabilities now.
The economic damage from a significant cyberattack could be worse than the loss caused by a major hurricane or other extreme weather event, according to a study out today from the Foundation for Defense of Democracies and the insurance firm Intangic. The study was shared in advance exclusively with The Cybersecurity 202.
One main reason is that the indirect effects of a cyberattack, such as the damage to a company’s reputation and to its ability to attract investors and creditors, are far costlier in the long term than the property damage from extreme weather.
Hackers could cause about $80 billion worth of damage with a particularly widespread cyberattack, the report estimates. That’s compared with about $65 billion in damage due to Hurricane Sandy. The fictional but far from outlandish scenario for that attack involves hackers cracking into a company that provides digital services to thousands of other firms and then launching coordinated ransomware attacks targeting the firm and many of its clients.
The study is based on public data and a method for rating companies’ cyber risk developed by Intangic, which was formerly named Cyberhedge. Intangic qualitative research lead Chris Nolan co-wrote the study with FDD Deputy Director Annie Fixler. 
The hackers compromised a Microsoft customer service account and used the information to try to hack Microsoft customers, the company said.  
Microsoft discovered the operation while investigating an earlier breach by the group. It publicly released information about the operation after a warning to customers was seen by Reuters’s Joseph Menn. 
Hackers also launched a broad phishing campaign that breached three Microsoft customers, the company said. The incidents appear to be “largely unsuccessful, run-of-the-mill espionage,” according to a White House official.
The most public phase of the partisan audit, which was fueled by baseless election fraud claims, has ended and a final report on its findings is now weeks to months away, the Associated Press’s Jonathan J. Cooper and Bob Christie report. The recount was ordered by the state’s Republican-led Senate, which signed a contract with the Florida cybersecurity firm Cyber Ninjas to lead the effort.
The company did not have election or auditing experience before the election. Its CEO, Doug Logan, has boosted baseless theories that the 2020 election was marred by fraud.
Meanwhile, Arizona’s Republican-controlled House moved to weaken the powers of Secretary of State Katie Hobbs (D), who has been an outspoken critic of the audit. The chamber passed measures that would make the state attorney general’s office the “sole authority” to defend Arizona election laws. The measures were already approved by the state Senate, and Gov. Doug Ducey (R) is expected to sign them into law.
Hikvision is turning to the former lawmakers as the company wrestles with the U.S. government’s severe restrictions on its U.S. operations, Drew Harwell reports.
Former eight-term U.S. representative Anthony “Toby” Moffett (D-Conn.) is representing Hikvision, as is former senator David Vitter (R-La.).
The Biden administration this month banned Americans from investing in Hikvision after years of accusations that the company is tied to Chinese government spying and helping enable repression of the country’s Uyghur minority. Hikvision did not respond to requests for comment. 
Mercedes-Benz USA accidentally puts out data from nearly 1,000 customers (Reuters)
Ukrainian member of FIN7 cybercrime gang sentenced in United States (Reuters)
Major government contractor Booz Allen helps cyber victims pay ransoms—exactly the opposite of U.S. policy (Forbes)
Amazon buys encrypted message platform Wickr (Financial Times)
NIST defines ‘critical software’ under the cyber EO (FCW)
The Hints from Heloise column is a little out of its depth when it comes to password security. From cybersecurity journalist Brian Krebs:
TL;DR, Solution to passwords: Use the same one everywhere. If the letter cited had just recommended writing down your passwords on a piece of paper that'd be fine. Sad part is a lot of Heloise's readership is probably going, "Hey, that's what I do, too. Look at me!" https://t.co/XWIpxOZTxr
Mystery Infrastructure Theater 3000 pic.twitter.com/eD5vP5uNX1
