A large-scale domestic and international surveillance and activity-tracking grid operated by a large South East Asian country is also enabling its APT teams to strike deep into the digital territories of other countries. This country has invested extensively in promoting cost-effective surveillance technologies around the world using its diplomatic levers and economic dominance.
The surveillance grid includes digital listening tools, smart cameras, vehicle and asset tracking systems, and dual-use devices that together create a significant digital catchment area from which this country can gather a range of data.
Lessons from a controlled domestic cyberspace
This country maintains one of the largest domestic surveillance facilities in the world, run with evolved AI, big data, and cross-platform activity tracking. With an active domestic industry that produces the tools used to maintain and manage this surveillance grid, this country has gained a strategic advantage by avoiding imported tools that may open up this well-established grid to other actors. Under the guise of promoting governance and domestic order, this surveillance grid is enabling not just data collection but also the trial of new and more stealthy data collection tools that facilitate much deeper penetration of target infrastructure in other countries while maintaining an undetectable digital footprint.
This country uses its controlled domestic cyberspace to:
- Test the resilience of new snooping tools and data-gathering abilities of surveillance gear across environments
- Study the amount of time needed to launch new operations and the cross-platform integration of surveillance devices and software
- Stress test back-end data handling systems
- Launch new reconnaissance and data-gathering malware
- Figure out new ways of embedding backdoors in devices to keep them open for long-term data harvesting and manipulation of these devices
Potential implications for businesses everywhere
In addition to the possibility of data exfiltration at multiple levels, there is also a possibility of such data ending up in the hands of actors who might exploit it for carrying out disruptive cyberattacks or for ransom. Either way, this is bad news. With OT networks being open and vulnerable and IoT devices lacking adequate security, state-backed hackers associated with this surveillance grid could easily launch attacks or keep large volumes of internet users under surveillance to harvest valuable data.
Long-term implications include:
- Loss of intellectual property through data leaks
- IoT devices could be manipulated remotely or converted into botnet constituents
- Vulnerable OT networks run the risk of disruption due to cyberattacks
- APT actors could keep a watch over businesses and strike at a time of their choosing
- As we have seen in the case of many countries, cyberattacks motivated by geo-political considerations could occur
- Devices could be used for crypto mining or DDoS attacks
To secure your business against such attacks, you need to improve your IT, OT, and IoT security practices and your overall security posture. With each passing day, hackers are becoming more brazen and disruptive, and it is high time we became aware of their tactics and deployed countermeasures.