CybersecurityDifferences between hacking, state-sponsored cyberwarfare increasingly blurred: Experts

Published 13 November 2014

Cybersecurity officials say that there is an increasing similarity between hacking attacks and full-on cyber warfare, as digital infrastructures continue to grow and play a larger role in everyday life. “It’s not a clear, bright red line,” said Mitchell Silber, the executive managing director of K2 Intelligence, “It really is more murky, the difference between where a cyber criminal hack ends and where some type of state or state-sponsored event begins.”

During a symposium at the John Jay College of Criminal Justice in New York on Tuesday, cybersecurity officials discussed the increasing similarity between hacking attacks and full-on cyber warfare as digital infrastructures continue to grow and play a larger role in everyday life.

As the Pittsburgh Tribune-Review reports, individuals from the Journal of Law & Cyber Warfare (JLCW), cybersecurity companies such as K2 Intelligence, and other organizations issued a stark warning regarding these increasingly indefinable boundaries.

“It’s not a clear, bright red line,” said Mitchell Silber, the executive managing director of K2 Intelligence, “It really is more murky, the difference between where a cyber criminal hack ends and where some type of state or state-sponsored event begins.”

The conference was preceded by news from the Department of Homeland Security (DHS) the week prior regarding a malware program called BlackEnergy which has infected control systems of American infrastructure facilities, including telecommunications, power grids, utilities distribution networks, and even some nuclear power plants. It is assumed that the Trojan Horse virus is connected to hackers backed by the Russian government, blurring the lines considerably regarding what type of attack it is, and even the type of partnership.

“I believe we are at a cyber war, but I don’t see my adversary as just someone who’s being paid by a government,” said James Christiansen, the vice president of information security at Accuvant, “My adversary is the cyber criminalist, he’s the hackivist, he’s Anonymous. There are all of these elements out there that are attacking the country I live in.”

Additionally, members of the symposium added that hackers have shifted from larger corporate targets to smaller companies that not only make up the majority of the economy, but also have fewer resources for defense.

“As bad as cyberattacks have been — with enormous credit thefts at top retailers and the loss of intellectual property from top manufacturers and law firms — cyber problems will keep getting worse,” Christiansen added.

Other events that were discussed included a group of Russian cyber spies known as Sandworm that have also worked with BlackEnergy malware and the infamous 14 May indictment of Chinese officials for the hacking of Pittsburgh, Pennsylvania-based businesses.

Roughly 100 people were in attendance to the invitation-only event, including members of the military, banking companies, law firms, and universities.