Economic pressures and sanctions, jihadist activity and rising tensions around the world will spur cyber-activity in 2018 – with Russia and China leading the way in capabilities, which could cause potentially catastrophic attacks.
Flashpoint’s latest Business Risk Intelligence (BRI) Decision Report found that the top trends and indicators for cyber-risk decision makers to watch in 2018 include tensions in East Asia over the North Korean nuclear program, the impact of official US policy changes on the Iranian nuclear accord, US- and European Union-led economic sanctions on Russia, US recognition of Jerusalem as the capital of Israel and other nation-states’ adoption of the Russian model of engaging in cyber-influence operations. Meanwhile, the power struggle between Saudi Arabia and Iran for influence in the Middle East fuels ongoing conflict within the region, as does the continued instability and violence in Syria.
“Few would say that 2017 was an uneventful year in the realm of global geopolitics, and this year is already shaping up to be fraught with similar volatility,” said Jon Condra, director of Asia Pacific Research at Flashpoint, in a blog. “As such, organizations seeking to proactively combat relevant threats and address enterprise-wide risk must regard geopolitical context as a core component of their intelligence programs.”
Russia and China are the two nation-states with the most concerning capabilities, the report said. Both are considered to possess the highest levels of technical sophistication, reserved for only a select set of countries. The actors can engage in full-spectrum operations, utilizing the breadth of capabilities available in cyber-operations in concert with other elements of state power, including conventional military force and foreign intelligence services with global reach. The capabilities they have are thus alarmingly advanced, according to Flashpoint: “Kinetic and cyber-attacks conducted by the threat actor(s) have the potential to cause complete paralysis and/or destruction of critical systems and infrastructure. Such attacks have the capacity to result in significant destruction of property and/or loss of life. Under such circumstances, regular business operations and/or government functions cease and data confidentiality, integrity, and availability are completely compromised for extended periods,” the report noted.
For Russia’s part, its state-sponsored hacking arms (such as Fancy Bear) remain highly active, capable and influential, the report said, with retaliatory and cyber-influence activity expecting to ramp up as it is increasingly isolated from the West following election interference and information operations against Western democracies.