Why nation states engage in cyber-attacks


Alongside the missiles and bombs slamming down in Ukraine, the country has also been hit by a wave of cyberattacks targeting critical infrastructure companies. The timing and scale of the attacks point towards hackers working at the behest of Russia. Mint explains:

What has happened in Ukraine so far?

Ukraine  has  been  one  of  the  primary targets of Russia since 2020. The recent spate of attacks started in mid-January and knocked out websites of the ministry of foreign affairs and the ministry of education. The attacks have intensified in the last few weeks and now, banks in Ukraine are being targeted. Ukraine’s minister of digital transformation said this week that more government websites and a number of banks have been hit by another mass distributed denial of service (DDoS) attacks this week. DDoS attacks disrupt online services by overwhelming websites with more traffic than their server can handle.

What is cyberwarfare?

Cyberwarfare has emerged as a new form of retaliation or passive aggression deployed by nations that do not want to go to actual war but want to send a tough message to their opponents. In June 2020, security experts from Cyfirma uncovered a conspiracy by Gothic Panda and Stone Panda, two China-based hacker groups, to target media and critical infra companies in India with large-scale attacks amid the border stand-off between India and China in Ladakh. For many countries, cyberwarfare is a never-ending battle as it allows them to constantly harass and weaken geopolitical rivals.

Malicious intent

View Full Image

Malicious intent

Which countries are behind state-backed cyberattacks?

Russia is one of the top perpetrators of state-backed cyberattacks. According to an October 2021 report by Microsoft Corp., Russia accounted for 58% of state-backed attacks worldwide, followed by North Korea (23%), Iran (11%), and China (8%). North Korea is said to have built a cyber army of 7,000 hackers.

Which companies are targeted and why?

State-backed cyberattacks are usually carried out to steal state secrets, trade deals and weapons blueprint, or target large multinationals to steal their intellectual property (IP) and use it to build local industry. Cryptos are also on the radar now. North Korean hackers reportedly stole cryptos worth $400 million in 2021. However, when states launch cyberattacks on other states as a result of worsening of geopolitical relations, the target is usually critical infrastructure firms to disrupt economic activity.

How often is India targeted?

Such cyberattacks rose 100% bet-ween 2017 and 2021, according to a global study by Hewlett-Packard and the University of Surrey. In 2019, the administrative network of the Kudankulam Nuclear Power Plant was hit by a malware attack by North Korea-backed Lazarus Group. China-backed hackers were believed to be behind a power outage in Mumbai in 2020. According to Black Lotus Labs, Pakistan-based hackers targeted power firms and one government organization in India in early 2021 using Remote Access Trojans.

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Never miss a story! Stay connected and informed with Mint.
our App Now!!


Leave a Comment

Your email address will not be published. Required fields are marked *