Bad news if you live in the United States: according to the Centre for Strategic and International Studies (CSIS), who have analyzed so-called “significant” cyberattacks, it’s the country most targeted. It’s fallen victim to 156 significant attacks between May 2006 and June 2020, with 30 incidents in the highest attacking year, 2018.
That, of course, isn’t the sum total of the number of cyberattacks against a country. The CSIS has categorized significant attacks as ones attacking any government agency, defense or high-tech contractor, of any cyber attack that nets the perpetrators more than a million dollars while being carried out.
A distant second is the United Kingdom, which this week released a report indicating significant cyber-meddling in its electoral processes over the last decade, pointing the finger of blame for the incidents at Russia. The UK fell foul of 47 cyberattacks over the same 14 year period that the CSIS was able to collect data.
In third place on the unenviable list of victims was India, which has suffered 23 cyberattacks in the same time period targeting government agencies, defense, and tech companies – or big money losses.
The scale and scope of the issue
“Over the last decade, cybersecurity has rapidly become a concerning problem,” explains Specops Software, which analyses the CSIS data and produced the league table of victims. It’s particularly potent as a weapon that states are using to attack each other – as the numerous revelations that have come out in the last week or more have shown.
And countries increasingly need to defend themselves against such digital intrusions. According to Specops, some of the most commonly-used vectors of attack against significant targets as outlined by CSIS are similar to those civilian and business targets fall victim to.
Denial of service attacks, where machines or networks are swamped under a barrage of requests that renders them inaccessible to the people who want to use them for normal purposes, remains a large issue. It’s been responsible for some major service outages at a country level in the past.
SQL injections – secreting in malicious code that can access sensitive information contained in databases – is another common way of getting information by cybercriminals. Main in the middle attacks, which involves intercepting communications by eavesdropping on the connections devices make, are less common, but still have big impacts.
Phishing attacks reign supreme
One of the major ways in which cybercriminals are hacking their way into governments and big tech firms remains phishing. It’s believed to be one of the ways that the hackers who managed to break into Twitter earlier this month gained access to the administrative dashboard that allowed them to wreak havoc, and it remains one of the main ways that people can fall victim to a nefarious attack.
It also relies on one of the weakest sections of the chain of cybersecurity defenses. Governments and businesses can spend millions developing the strongest networks with the best defenses in the world to prevent anyone from cracking into them. They can roll out multi-factor authentication and any number of tools designed to stymie an attacker from gaining control of what they want.
But the biggest vulnerability, and far and away the method by which most criminals hit the jackpot, isn’t by brute force taking down a technological line of defense. It’s by cracking the humans involved. We’re vulnerable and prone to be fooled – and increasingly, as countries try to take each other on in cyberspace, it’s something we need to be wary of.