Intelligent CIO North America Issue 12 | Page 45

CIO OPINION comes the potential for escalation , so how we choose to proceed is of great consequence . former Soviet Bloc nation . How the United States responds will have long lasting implications .
The challenge is that some of these responses are a trivial slap on the wrist , that are unlikely to elicit change , and some of these responses punish the entire country and have an unfair impact on average citizens who have no involvement and lack the power to do anything about it . The goal is to find a response that strikes a balance and sends a very clear message that cyberattacks have consequences .
Firm and appropriate response
Why does it matter that these were nation-state sponsored attacks ? It matters because the response will be different depending on the threat actor and their objectives . Criminals will be criminals , and law enforcement and the cybersecurity industry will continue to hunt down and prosecute them . But recent trends indicate that the line between cybercrime and nation-state attacks are continuing to blur , as many threat actors straddle the line by dabbling in both crime and APT operations .
Cyber-espionage and cybercrime have come to a crossroads with governments , and the security industry . How should we respond to such grave attacks , and where do we need to improve our strategies to defend against them and reverse the adversary advantage ?
These attacks were all unparalleled in their scope – successfully infiltrating and compromising US government agencies and a wide array of medium and large private sector companies , as well as causing major disruption to the US economy in the midst of a post-COVID recovery effort .
There is a significant opportunity to co-operate on a global scale to develop extradition laws that enable cybercrimes and cyber-espionage to be prosecuted more effectively . More impactful actions could include options like government mandates legally barring organizations from paying ransom demands
There is strong evidence that these recent attacks were nation-state campaigns acting in the interest of nationstate adversaries or were committed by criminal threat actors who enjoy the protection of nation-states to avoid prosecution . Our research on DarkSide suggests that the group is operating out of Russia or a related
Recent trends indicate that the line between cybercrime and nation-state attacks are continuing to blur .
www . intelligentcio . com INTELLIGENTCIO NORTH AMERICA 45