Data Matters Privacy Blog Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

*Reprinted with permission from the May 6, 2022 edition of the New York Law Journal © 202X ALM Global Properties, LLC. All rights reserved. Further duplication without permission is prohibited, contact 877-256-2472 or [email protected].

It used to be that data breaches were all about cyber-crooks hacking computer systems to steal personal information, followed by an affected company sending regretful notification letters offering a year or two of complimentary credit monitoring. Not anymore. Now, state-sponsored attacks threaten to wreak havoc on companies’ essential IT systems, Internet devices, software, and all manner of critical infrastructure in private sector hands. Just a few weeks ago, the Director of the Federal Bureau of Investigation (FBI) and the U.S. Attorney General described a recent takedown of a Russian government-sponsored botnet called Cyclops Blink before it was weaponized and caused damage. That case is one reflection of a wave of state-sponsored attacks that can transform routine “incident response” into more dramatic corporate cyber crises.

In this article, we detail a few observations about nation-state-sponsored attacks, including:

  • State-sponsored attacks tend to be highly sophisticated—ranging from a sophisticated botnet used to launch DDoS attacks to supply chain compromises.
  • Response to state-sponsored hacking routinely requires close coordination with multiple U.S. and foreign government agencies.
  • State-sponsored threat actors often target companies that run outdated software that contains previously identified and publicized vulnerabilities.
  • State-sponsored threat actors may be politically motivated and, as such, their goals for the attack are not always clear—and can change over time—unlike threat actors purely motivated by profit.
  • While state-sponsored cyber-attacks pose exceptional risks, technical experts may recommend the same preventative measures to defend against a state-sponsored attack as any other type of cyber-attack.

Current State of Play. In March 2022, the White House issued a dramatic warning based on “evolving intelligence” about potential Russian cyberattacks on the United States in response to U.S.-imposed economic…