Hacking and cyberwarfare go hand in hand

Since December 2022, Sweden has experienced several politically motivated cyber-attacks. Anonymous, a well-known hacker group, took down the main government website as a protest against the extradition of a Kurdish politician to Turkey (1). In February 2023, a pro-Russian cybercriminal gang called Anonymous Sudan (2) orchestrated a series of Distributed Denial of Service (DDoS) attacks on Scandinavian Airlines, Swedish Railways, Swedish Post, and Telecom Authority. In the case of Scandinavian Airlines, some customer data has been leaked. It seems that wave of attacks is still underway.

Sweden has been under the geopolitical spotlight since the beginning of the war in Ukraine. Its membership application to NATO triggered a spiral of events involving Russia, Turkey, and political figures from far right and extreme Islamist groups. Anonymous Sudan, in collaboration with different nation-state actors, has been mobilizing cyber-attacks to disrupt the operations of key institutions in Sweden in response to these geopolitical developments.

Hacktivism and Nation-state backed attack campaigns

Political hacktivism is not new, and it is mostly orchestrated by groups with specific political agendas, in their own accounts, such as defending freedom of speech, supporting political asylum cases, or raising awareness of environmental concerns. Nation-state backed campaigns are far more dangerous and aim to take down critical infrastructures such as electricity, gas, and healthcare networks in the targeted countries.  Threat actors “offer” their services to facilitate and run these potentially very dangerous cyberattacks on behalf of others.

Cybercrime is a big business

The size of the cybercrime underworld is estimated at over 1 trillion USD, nearly ten times larger than the cybersecurity market overall. Over the years security researchers revealed extremely complicated and skilful threat actors that offer tools, infrastructure, information and services to groups and nations. Lazarus Group, REvil, Sandworm, Carbanak, UAC-0056 are a few of the many active threat actors that were behind high-profile attacks. These actors execute DDOS attacks, develop highly sophisticated malicious codes and exploit kits and make their infrastructure available for the use of others in exchange for money. Every piece of information (hacked personally identifiable information, compromised email accounts, etc), infrastructure (i.e. masked servers), tools (malware, ransomware etc) and services (i.e DDOS) have a price defined in the “free market” of the criminal underworld. For example, a DDoS attack service is currently marketed at around 5,000. – USD per day. Not at all expensive for a nation state.

Cyberwarfare is happening today

Cyberwarfare is not a futuristic dystopia. It is happening today with an increasing intensity. We experience city-wide electric cuts, communication interruptions, disrupted healthcare or travel services. USA, UK and EU have been tightening their legislations. New nationwide cyber security directives are put in effect one after the other. Collaboration among democratic countries is increasing.

Some strategic initiatives countries have been implementing to combat cyberwarfare are:

  • tightening cyber security regulations for critical infrastructures
  • enforcing zero trust/micro segmentation to minimize and contain a possible damage
  • increasing awareness for good security practices such as the use of multi factor authentication and strong passwords
  • deploying deception technologies
  • making cyber security a CEO responsibility
  • deploying offensive security practices to take down cybercriminal infrastructures.

(1) https://medyanews.net/hacker-group-anonymous-hacks-swedish-official-website-in-protest-at-extradition-of-kurdish-politician
(2) As it appears, Anonymous and Anonymous Sudan are two separate cyber threat actors.

Cyber Threat Landscape Workshop

Contact Cynode to learn more about the recent developments related to the cyber threats landscape and people, process and technology countermeasures you can implement.

Duration: 2 hours

Price: 15.000 SEK

Please fill out the form or give us a call