Cyber Adversary Characterization: Auditing the Hacker Mind

Chapter contributed by Matthew G. Devost
The Nation State Cyber Adversary
International Terrorists and Rogue Nations
Physical Insider Placement
Nation states and terrorist organizations represent the high end of the cyber adversary spectrum. An attack launched by either of these entities will target critical infrastructures using methods designed to inflict maximum damage against their targeted asset. The targets of attacks launched by national states and terrorists are also likely to be very similar and will focus on critical infrastructures such as banking and finance, electric power, transportation, telecommunications, and health and government services. [i]
A wide variety of factors influence a nation state s or terrorist s intentions and capabilities to use cyber attacks. Although a nation state might have the technical capability to wage an attack on critical infrastructures, there are many deterrents, ranging from fear of escalation into conventional conflict to economic blowback, that reduce their intentions to launch an attack. Likewise, a terrorist organization certainly has the intentions to launch sustained cyber attacks against critical infrastructures, but does not necessarily posses the technical capacity to engage in such an attack.
This chapter evaluates those decision elements that will influence terrorist and nation state cyber attack potential. It looks at attractors and deterrents to attack and technical capabilities, and it provides insight into how we might characterize and differentiate these two distinct high-end cyber adversaries.
[i]I am greatly indebted to colleagues Neal Pollard, Don Hewitt, Jim Little, and James Kirkhope for their insight and...