The COVID-19 pandemic had a profound impact on the way we live and work. In much the same way, it altered the means by which bad actors across the cyberthreat landscape approached their work as well.
speaks with Fred Plan
, Senior Analyst, Mandiant Threat Intelligence at FireEye
- Changes in the cyberthreat landscape over the last year
- Cyber Espionage
- How Mandiant Intelligence can help
Changes in the cyberthreat landscape
The changes over the last 12 months directly correlate with the geopolitical developments we’ve seen in the real world over that same period.
Some of the global events that have had an effect are:
- The COVID-19 pandemic
- Border crossings
- Social upheaval
- Influence operations and disinformation
For bad actors, this has affected their ability to conduct cyber operations as well as the targets they pursue.
“Cyber espionage is just one of the many ways that different countries get information and try to build a decision-making advantage for themselves,” says Fred.
It’s a digital-age extension of the cloak-and-dagger tactics of the cold war.
Different countries have different priorities when trafficking in cyber espionage such as:
- Internal problems
- Regional problems
- Global problems
What Fred’s team does is try and understand the motivations behind cyber espionage. Countries could be motivated by:
- Defense and seek out military intelligence
- Politics and seek out intelligence on international agreements and think tanks
- Economics and target trade deals and M&As
The Big Four
There are four countries that the U.S. focuses on because they have the biggest impact in terms of malicious activity in cyberspace.
- China - China’s interests lie in economic development and increasing influence beyond its immediate regions.
- Russia - Russia’s dynamic is tough to untangle because state-sponsored activity has a lot of overlap and complex motivations intertwined with operations that are not state sponsored.
- Iran - Iran has a similar dynamic to Russia, but it’s also more restricted in who it targets, focusing mostly on the Middle East.
- North Korea - North Korea maintains an asymmetrical advantage over the rest of the world. They can hit other countries with cyber operations, but those same operations will have no effect on them because they’re so cut off.
These four countries differ in how they conduct their operations and who they target and why. But they’re similar in that their cyber espionage activity is directly influenced and motivated by their respective geopolitical situations.
The Mandiant Intelligence team helps customers understand who the bad guys are, what they’re doing, what motivates them and how best to defend against them.
Their ultimate goal is to reduce the likelihood of any bad outcomes or reduce the impact of these events when they occur.
To learn more, visit Mandiant Advantage
or contact Corey Swift at firstname.lastname@example.org