The evolution of cyber-attacks and cyber warfare

9th December 2020

As domestic internet users we are constantly reminded of the need for anti-virus software, VPNs, firewalls and other defences to protect our identity and secure our sensitive data. Since the evolution of Wi-Fi, this has never been more important. The image of a hooded hacker far away is replaced by the reality of someone geographically nearby breaching your own Wi-Fi network. Hackers can intercept your network and compromise your data bit by bit, eventually building a clone of the victim, leading to crimes such as identity fraud and theft via methods like phishing, spoofing and ransomware.

As cyber-crime has evolved, hackers use more and more sophisticated methods to hack into companies’ data storage centres. In 2018 British Airways was the target of such an attack. Hackers managed to obtain data belonging to 400,000 customers, including credit card details and home addresses. Much of this data was reportedly sold on to organised crime gangs, who in turn use it to create cloned identities or make online purchases. The details for a full credit card can sell on the dark web for as little as 40 USD. In the case of British Airways, if hackers had stolen 400,000 customers’ credit card details, the crime could have potentially netted them 16 million USD. The British Government estimates the annual global cost of cybercrime to be 375 billion USD.

Cyber-warfare poses a real threat to countries across the world. It is estimated that 60 countries have developed such capabilities, enabling them to attack and cause mass disruption to the national infrastructure of their intended target [1].

In the UK, the Ministry of Defence is considering financial measures to bolster its cyber warfare defences. These include diverting its budget and reducing the army’s headcount by 20,000 staff, with General Sir Patrick Sanders, head of the UK’s strategic command, confirming that UK Prime Minister Boris Johnson expects Britain to be a “leading, full-spectrum cyber power” [2].

North Korea and South Korea’s challenging relationship is seen online as well as in ground operations. A branch of the North Korean military known as Bureau 121 employs 1,800 of the country’s most talented computer experts. In 2013 South Korea suffered two cyber-attacks affecting almost all financial institutions and TV stations in the country. One attack caused 750 million USD worth of damage to elements of the country’s infrastructure, including 32,000 computers and servers; the other stole the personal details of 220,000 South Korean citizens, including 20,000 military personnel. Bureau 121 allegedly used Chinese IP addresses to mask the origin of the attacks [3].

Between September 2019 and August 2020 there were 723 reported cyber-attacks on the UK, 194 of which were Covid-19 related. The origins of those 194 attacks were a mix of organised crime and state-funded breaches.

In early December 2020 the UK was aware of cyber-attacks on companies involved in the supply chain and distribution of the vaccine within the UK. Multiple stakeholders within the distribution and supply chain of the vaccine appear to have been targeted. The breach is believed to have been aimed at obtaining logistics information rather than disrupting the supply chain itself.

The consequences of data breaches are not restricted to theft of confidential information, reputational damage and consumer dissatisfaction, but can also include heavy fines imposed by the ICO (Information Commissioner’s Office), which identifies breaches and holds companies accountable. For example, the Marriott International hotel chain received a fine of 18.4 million GBP (25 million USD) from the ICO in October 2020 after an attack in 2014 saw 339 million guest records breached [4].