An historically large online data breach against Yahoo! that exposed the data of over half a billion of its customers has been traced to a team of Russian hackers. The perpetrators carried out the breach for a variety of reasons, including to spy on Russian and foreign businessmen and journalists and to make money by sending out spam, stealing credit card numbers, and redirecting search requests to pay-per-click websites. It appears that the hackers carried out their deeds with the help of a Russian government agency called the Federal Security Service.
State-supported hacking efforts pose a tremendous threat to an organization’s cyber security. A state-supported hacker can leverage the computing power of an extended organization to carry out attacks. Using such pooled capacity, for example, a hacker can launch distributed denial of service (DDoS) attacks of crippling magnitude, the goal of which is to send so much traffic to a server that the server chokes on the volume and becomes unresponsive. Or, using those cumulative computing resources, a hacker could brute-force passwords, trying every conceivable combination of letters and numbers in an effort to determine the password that will give access to a system the hacker is not authorized to use. With the support of an army of cyber researchers, a hacker could create particularly pernicious malware, having had the opportunity to code, test, and debug it using a team of programmers performing an extensive battery of tests. A lone wolf couldn’t perform such in-depth, multi-faceted development and testing, but a hacker team could, much as a software development team can create more sophisticated software more quickly by combining the work and expertise of several expert developers who build components of the overall package together. Furthermore, by tapping into the intelligence gathered by the state, such hackers could learn the best targets to pursue with their hackercraft as well as how best to cover their tracks while and after the malware delivers its payload.
It may well be that no organization alone can withstand the onslaught of a state-sponsored hacking attempt. Instead, the federal government must take a more active role in working with companies to protect their cyber assets. There is, of course, a line between government and industry that cannot be crossed, lest citizens grow increasingly and appropriately concerned about government’s invasion of personal privacy. But the government can help create a comprehensive communications network – a national cyber warning system – by which news about cyber attacks against parallel organizations is shared more readily and appropriate remedies and effective contingency plans are crafted collectively. Such partnerships should begin by focusing on how best to support critical infrastructures like energy distribution and transportation systems. Once proven effective for such critical and high-value targets, the same kinds of response mechanisms for state-sponsored cyber attacks can be expanded to protect other commercial and governmental interests.
The best way to counteract state-sponsored hacking is with a coordinated, state-sponsored defense that proves its worth by safeguarding the nation’s critical infrastructures and then expands to protect private sector organizations. A national cyber warning system should be created to counteract the sophisticated cyber threats launched by foreign nation-states.