Learn how cyberwars have begun, and we are all foot soldiers.
- [Instructor] Now that governments see cyberspace as a new domain to dominate, the Internet has become a very dangerous place, even if you aren't a direct target. In 2013 the cyber security company Mandiant released a detailed report describing unit 61398, the secret cyberespionage division of the Chinese People's Liberation Army. This group is also called Advanced Persistent Threat One, or APT1.
According to the report, the Shanghai-based APT1 is staffed by hundreds of soldiers trained in network security, covert communications and the English language. Since 2006, Mandiant has watched attacks get launched from this unit against at least 141 companies spanning 20 major industries. China's goal for APT1 is to steal trade secrets from Western companies, which it will use to accelerate it's own economic ambitions.
APT1 silently compromises the computers of executives in target companies, and then steals the information China wants most. The soldiers do this after spending days, or weeks, searching through the target's digital filing cabinets. In late 2017, the US Department of Justice announced indictments of three Chinese hackers for stealing hundreds of gigabytes of sensitive data, from Siemens, Moody's Analytics and Trimble.
But the US and China are not the only nations with armies in cyberspace. The massive 2015 Ukrainian power outage affected nearly a quarter of a million people, two days before Christmas. The cyberattack has been attributed to Russian hackers operating under the guidance and protection of the Russian government. In the big picture, many people believe that Russia is using the Ukraine as a cyberwar testing ground, a laboratory, for perfecting new forms of global online combat.
In the next video, we'll take a look at a more recent attack that's part of the ongoing cyberwar between Russia and the Ukraine and the collateral damage it caused to innocent bystanders.
- Understanding why cyber criminals are targeting you
- Insider threats
- Germ theory
- Getting IT support
- Avoiding phishing attacks
- Stopping malicious code
- Avoid identity theft and financial cybertheft
- Avoiding cyberattacks while traveling
- Security and the cloud
- Contract "firewalls"
- Third-party cyber risk management