The world will see more coordinated IT operations led by state-sponsored actors (APTs) working together and sharing the same goal, creating major problems, said a cybersecurity expert at LaComparacion Middle East.
"It's an arms race between defenders and pirates. In fact, as defenders get better, low-level hackers cut themselves off, while executives get sophisticated to do what they do," said Evan Kohlmann, founder and director. of innovation to the American company, Flashpoint enterprise risk information company.
Kohlmann has fifteen years of experience in the pursuit of Al Qaeda, ISIS and other terrorist groups and has been consulted, among others, by the US Department of Defense, the US Department of Justice, the Federal Police Australian and Scottish Terrorism Command.
"We are witnessing a new era of loose wars at very low cost and which is extremely effective. Launching a cyberattack is also very economical and it is very difficult to attribute it to anyone, but it is extremely efficient, even if it is to hack a Twitter account, he said.
"The people who have the upper hand are the state-sponsored groups. We are going to witness an expansion of the war on the loose using technology that is difficult to attribute," he said.
In addition, he said that the people who attack companies, countries and governments are not only hackers, but also terrorists.
"Threatening activities by illegal actors and online communities can negatively affect an organization's activities, stakeholders, employees, and customers. As a result, intelligence programs have become critical to reducing business risks, particularly for information. on cyber threats, fraud, insider threats, corporate and physical security, and third-party risk management teams. " he stated.
Over the past year, Flashpoint analysts in Yemen noted that Al-Houthis was linked to Iran by deploying increasingly lethal and long-range drones, as well as attacking strikes against strategic strategic targets, including essential civil infrastructure.
APTs become a great strategic threat
Kohlmann said the hacktivists were selling obscure web access to Scada, ICS (Industrial Control Infrastructure) and IoT systems of any country. The holders of these vulnerabilities can easily create many critical infrastructure problems for a country.
He said today that industrial control infrastructures were seen as an important part of a country's growth and had become a major target for attackers.
Most of these systems are used in electrical infrastructure, water and wastewater systems, oil and natural gas, transportation, chemicals, pharmaceuticals, pulp and paper, food. and dispersed products (automobiles, aerospace and durable goods).
"The technology used in drones and missiles is not only a threat to the government, but to everyone. We do not know what kind of threat it represents," he said.
For the past 20 years, he has said that everyone is focusing on al-Qaeda and Daesh, and so on.
"We are now witnessing the return of state sponsored attacks as they have much more effective technology to deliver them to terrorist groups." State-sponsored attacks are becoming a major strategic threat in the Middle East. Not only governments should be concerned, but also companies, "he said.
"Drones and cyberattacks are part of an evolving strategy. These people (state-sponsored actors) can launch attacks against their enemies in a loose manner and at a very low cost," he said.
After economic sabotage, spy targets
In addition, Kohlmann said that most of these technologies are currently controlled by humans, but if they are operated by automated entities, "how to tell the machine to shut down."
"What happens if a computer is not informed about what to do and what it lacks instructions, the result will be catastrophic? Human beings can make complex judgments about situations that they have never faced and do not understand," he said.
China, North Korea, Russia, Iran and to some extent Syria, they said, are the leaders of the state-sponsored attacks.
"These groups have objectives that have nothing to do with international security and economic sabotage and espionage. These TPAs are run by human beings and some of them were recruited from abroad on this mission due to their unusual abilities and not due to to your identity.
"It's difficult to predict someone like that and what they are going to do, and you are usually notified when it happened or happened," he said. saying.
Furthermore, he said that cyberattacks, which previously targeted government agencies and large corporations via ransomware, would target small and medium-sized enterprises (SMEs) that had never been heard of before. , with violations that cost thousands of dollars and are never caught. .
"SMEs think that having a firewall is enough, but it is a mistake when we look specifically at ransomware attacks. These are easy targets, money to earn and an easy way to scam them," he said.