Understanding the Landscape of Nation-State Cyberattacks

October 25, 2023 - JJ Thomas

Nation States and Ideological Extremist Groups are increasingly using cyberattacks to compromise State, Local, and Federal Governments. To combat this concerning trend, a team of researchers from the MSU School of Criminal Justice built an open-source database of cyberattacks committed by Nation States and Extremist Groups.

Dr. Tom Holt, lead researcher on this study, was motivated to create the database in response to recent and notable state sponsored cyberattacks on the United States, including one of the most devastating cyberattacks against the nation. In 2014 and 2015, the US Office of Personnel Management was hacked and over 22 million people’s data was exposed.

Dr. Tom Holt notes the severity of this attack, saying “imagine being a federal employee with a top secret clearance and knowing that a foreign power likely has your fingerprints and the information you provided in order to get that clearance.”

 

The research team used the database to analyze differences between cyberattacks performed by nation-state groups and non-nation-state sponsored actors. Their analyses were published in the journal Criminology & Public Policy. They found and found that nation-state attacks were more likely to use malware to engage in data breaches, rather than more overt forms of cyberattacks like denial of service attacks that knock websites and servers off-line. Nation-States were also more likely to attempt to affect multiple targets at the same time.

Due to the scale and complexity of cyberattacks, there is no one-size-fits-all solution to prevent the next attack. Individuals, businesses, and government can all be impacted by such attacks and all of them have different resources to protect themselves.

That being said, the researchers do have some recommendations on how governments can protect themselves from future attacks.

  1. Changing federal laws to criminalize the creation, possession, or supply of malware would help enhance sentencing options, increase the risk of using such tools, and possibly affect the supply of malware overall.
  2. Increase federal funding to support cybersecurity infrastructure at the local and state level, as well as in the small/medium business community as this can make it harder for attacks to be successful.

  3. Expand the cybersecurity workforce in both the public and private sector as this can help to make it harder for attacks to succeed.

However, in the everchanging landscape of cyber related threats, the best defense remains constant vigilance.

“It is clear that cyberattacks will not stop, whether they are coming from economically-motivated hackers or nation-state actors. As a result, we have to do our best to make it hard for an attack to be successful by using basic cybersecurity strategies.”

The study can be accessed in the journal Criminology & Public Policy here.