Blog post By Amirah Saad, Sr. Manager, Intelligence, 4iQ, Inc.
This year, CyberwarCon 2019, was focused on the importance of attribution, as well as identifying and exploring a myriad of threat actors. These actors utilize cyber-enabled capabilities to disrupt society, conflate technical sophistication, and interfere in elections and geopolitical issues by employing social media-based disinformation campaigns. While the underground Breach Economy is constantly enriched with a host of private, proprietary, and even clandestine data, this information is weaponized and used to influence citizens and gather intelligence from foreign or competing entities.
What are some of the top trends?
Top cyber experts spoke on the most pertinent issues in today’s society, so the number of takeaways from this conference were innumerable, but here are a few that are relevant leading up to election season:
There is an emphasis on foreign and domestic actors operating within legal limits to conduct information operations under the guise of public relations stints and data aggregation efforts. As we approach 2020, domestic actors misleadingly influence what we see. Most notably, malicious actors globally have evolved in the use of memetic propaganda toward community infiltration and hack-and-leak campaigns.
Furthermore, state-sponsored actors competing in the digital sphere have become adopters of deceptive techniques and persisting with volume. Meanwhile, veterans in the game continue to enhance tradecraft, leveraging social engineering alongside deep-rooted cyber operations. On the flip-side, certain threat actors at the highest levels of government still lack the sophistication of concealing their online activities, which ultimately lead to attribution.
Last, but certainly not least, “Vanity Operations” targeting leadership pride, such as the North Korean cyberattack on Sony Pictures and the alleged Iranian wiper attack against Las Vegas Sands Corporation, can contribute to how emotionally-driven activity presents certain risks and elevated costs for threat actors.
Over time, we have seen the power that foreign adversaries hold, exploiting cybersecurity vulnerabilities to target constituents, government entities, and those who hold specialized clearances, especially in sensitive lines of business. Social engineering tactics are continuously being deployed in order to network with and infiltrate into, various government and military personnel, linking exposed social and physical attributes to accurately pinpoint targets and connect with them on a personal level. These tactics have proved to be successful in meddling in the electoral process.