The simple answer to the above question is “Yes”.
Most people visualize computer hackers as being grubby techno-geeks who consume multiple cans of caffeine-laced energy drinks while working on their computers. That notion may be true. But are these people the largest group of malicious people on the Internet?
Nation states or countries are, also, major players in the tug of war between those who seek to protect computer networks and those who perpetrate breaches, steal valuable information, and damage critical infrastructure.
The Russian Government, for example, is implicated in squashing the dispute that arose between Russia and Georgia in the Province of South Ossetiain 2008. Computer networks were “hacked” into and critical Georgian computing infrastructure was effectively shut down as Russian tanks rolled across the border and asserted Russian authority. Georgian government computer networks and the Internet itself was overwhelmed and disabled until Georgian leaders capitulated.
Reportedly, the Iranian nuclear processing components at Natanz were seriously damaged due to a breach of network security with an attack described in the media as the Stuxnet worm. The level of sophistication of the attack and the extent to which damage was caused suggests that only a nation or group of nations could have produced and supported such an attack against sensitive industrial controls.
The People’s Republic of China is documented as having cultivated a network of civilian crackers who engage in ‘informatics warfare’ on behalf of the People’s Liberation Army. For its part, the government of the People’s Republic of China supports information warfare battalions that are schooled in how to crack into networks and infrastructure during the day-time and attack the computing infrastructure of other countries for homework. The losses were recently reported as exceeding the money being made in the international drug trade.
Official Chinese government doctrine embraces the concept of unrestricted warfare that includes fighting a war of informatics to obtain strategic and tactical military advantage. The United States, also, demonstrated its overt interest in information warfare by establishing a “Cyber Command”.
Nation states do, indeed, pose a threat to computer and network security of the digital infrastructure. Various nation states are known to have engaged in cyber crime and information warfare. The biggest threats that come from other countries focus upon critical national infrastructures, as well as economic and defense-related espionage rather than just traditional malware like viruses and Trojans.
Businesses, organizations and individuals have confidential information related to their products, research and development and infrastructure that must be protected. International cyber thieves routinely target digital assets and want to enlist the computing resources of others to assist in distributed attacks. On the other end of the scale, nation states and their intelligence services target other nations, individuals, legitimate businesses and research facilities that contain sensitive business data, the loss of which can do harm to another country’s national security interests.
Your personal information and ability to do business, as well as national security, are at risk. Crackers and cyber criminals are interested in stealing your computing resources that can be used to increase the intensity of attacks against other systems or to use your Internet presence as a “cover”. Cyber criminals would steal proprietary information, your identity and confidential customer information.
Nation states, however, seek to attain strategic and tactical advantages in a global struggle of causes ranging from Marxism and the Islamic Caliphate to anarchy, progressive socialism and liaise faire capitalism.
Peaceful and civilized societies have a great deal to fear from attacks against interdependent cyber resources. A well thought out EMP attack can bring a nation’s critical national infrastructure to a halt.