Nation states are engaging in increasingly belligerent, malicious cyber activity, according to Rob Joyce, director of cybersecurity with the NSA.
That was some of the perspective he offered about bad actors in his “State of the Hack” presentation at the RSA Conference in San Francisco last week, outlining recent and ongoing cyber threats.
Top of mind for Joyce and the NSA this year is the continued conflict in Ukraine, where Russia persists in real-world and digital assaults on the country. “There were more than 2,000 attacks from Russia in 2022, and over 300 were against the defense and security sectors,” he said.
Some 400 cyberattacks against Ukraine targeted civilian infrastructure, telecom, finance, and energy, according to Joyce. More than 500 cyberattacks were aimed at government entities that are not part of defense. “That’s more than 10 cyberattacks a day going across a broad swath of the infrastructure,” he said.
As of 2023, Joyce said, Ukraine was reporting more integrated cyber and “kinetic effects” -- in other words, the hacking efforts were being coordinated with military attacks.
There are three types of cyberattacks being seen primarily, Joyce said, in the conflict:
- Intelligence collection to prosecute the war
- Disruptive activity to break down civil society
- Hacktivist activity from supporters of Russia’s aggression
He cited the GRU, Russia’s foreign military intelligence agency, has been the predominant actor in such digital aggression. “Ukraine has been a GRU target for...