Foreign states up cyber attacks
IT attacks carried out by foreign powers are increasing and becoming more advanced, according to a new report from Sweden’s National Defence Radio Establishment (FRA).
FRA is the Swedish national authority for signals intelligence and its 2016 annual report notes that all forms of attacks are increasing, but particularly those based on advanced and harmful coding, news agency TT reports. There are roughly tens of thousands of activities each month based on harmful code that can be traced back to the state actors that FRA systematically tracks, the report states.
While activities are not the same as attacks, they also indicate how extensive the IT operations are, FRA director-general Dag Hartelius told news agency TT. He said:
You have to be aware that this is going on in the here and now.”
As opposed to more simple forms of attacks, such as denial-of-service attacks, harmful code is used by states or state-supported actors who go out of their way to avoid being discovered. The aim is usually to get hold of sensitive information.
Among the common targets in Sweden in 2016 are research and development institutions, the defence industry, political bodies, and institutions and authorities that carry out vital societal functions.
FRA is tasked by the government to, through signals intelligence, track attacks and activities from a certain number of advanced state actors from across the globe. While Hartelius did not want to single out any countries, the Swedish military’s intelligence service has previously pointed out Russia as one of the most prominent actors.
According to FRA, another worrying trend is that of placing advanced harmful code in hardware, for instance in a server, a computer or a mobile phone; a method that makes it incredibly difficult to detect attacks.
Further, FRA claims that foreign states and state-supported actors have become more skilled in so-called social engineering, which involves attaining good knowledge of a target person’s social life and circle of friends and colleagues and in that way increasing the likelihood of the person for instance opening an email that contains harmful code because they believe the email comes from someone they know.
Beyond information-gathering, the aim of some cyber attacks is also to harm critical infrastructure such as the electricity supply. Hartelius said FRA tries to help make such vital operations more secure but he also believes the growing attention given to IT attacks has helped raise awareness. When FRA officials visit authorities and companies, they usually discover some vulnerability at those institutions, but then also notice that once awareness is raised, efforts are made to raise security.
The annual report also states that FRA has increased signals intelligence around military activities in Sweden’s surrounding regions and that FRA has received several missions from the Swedish Security Service (Säpo) to track international terrorism.