Barrier Blurs Between Cyber Contractors and National Interests

The use of privatized, deniable, or unofficial cybersecurity and hacking services has increased the complexity of the already murky and fast-developing technological interests of most nations. The involvement of non-governmental groups in cyber activities with direct impacts on national security matters because broadening and diversifying levels of security, funding, organizational cooperation, and accountability are becoming intertwined in the defensive systems and concerns of nations. As espionage campaigns and defensive concerns spread farther from the centralized management of military and intelligence services, the possibility of private agencies and their activities having unintended consequences increases.

No digital security breach is totally untraceable, but commonly available technologies such as Virtual Private Networks (VPNs), virtualized hosts and Tor web traffic provide obfuscation even in civilian internet usage. Pinpointing the responsible party in a cyberattack is a complex and often imprecise process at best. High-profile hacking activities by North Korean, Russian, Chinese and US actors have highlighted the frequency with which data is seized even from formidably secured sources. They have also exposed the complexity of disentangling government interests from the activities of legitimate and illegitimate digital professionals.

Cybersecurity is an inherently volatile field for the professionals within it. High turnover at firms is common, due partly to the need to move to new work environments for opportunities to learn different systems, structures and responsibilities in order to stay relevant. Major corporations have operations of such global reach and complexity that differentiating private information gathering from governmental monitoring is a grey area all its own. High churn in the field leads to a globally aware stratum of cyber professionals with wide experience in cybersecurity and even cyberattack capabilities. Penetration testing for major commercial environments can give a professional with the necessary skills understandable reasons to seek employment in governmental attack and defense services. With digital intelligence gathering being of interest to corporate clients, the door may revolve back around again.

Unfortunately, this somewhat borderless condition in digital defense reduces the coherence of security even for clearly governmental data. The major theft of US submarine warfare developments by the Chinese Ministry of State Security in early 2018, as reported by the Washington Post, was successful in part due to less stringent internal data security used by private contractors as opposed to federal top-secret data. The Ministry of State Security has been tied by several investigations, many by private US cybersecurity firms, to the APT3 group that carried out high-profile attacks, including against defense contractors, and a major exploit of a vulnerability in Internet Explorer. APT3 has operated through groups associated with front companies, but this type of cover for potentially dangerous espionage is not limited to foreign intelligence services. Private cyber intelligence group Black Cube advertises the hiring of former Mossad agents and skill at social engineering operations as well as more mundane digital intelligence gathering.

While a diversification of talent and agencies to solve problems from weapons system development to intelligence gathering has allowed a far more fluid approach to large-scale problem solving, it has also put sensitive data and personnel in increasingly compromising positions. Edward Snowden, whose revelations about US domestic intelligence gathering were a bombshell in 2013, was a private contractor working intimately with the development of domestic government intelligence systems. Human error or outright corruption is still a primary ingredient in enabling cyberattacks. Human interaction still touches critical areas of defense strategy, attack capability and intelligence gathering. Commercial pressures and simple factors like monetary instability for employees or the political motivations of staff open hundreds of potential avenues to attack every day.

The revolution of the maturing internet is the empowerment and connectivity of the global population. But even as mundane business cost-cutting and the potential compromise of IT staff factor increasingly into potential threats for nations and corporations, they are an increasingly neglected aspect of potential attacks. The increasing need for specialized employees in a variety of computer fields makes this a trend unlikely to reverse anytime soon.

About the Author

Alexander Hutchins

Alexander Hutchins focuses on cybersecurity issues and has competed in a number of cyber defense competitions and simulations. Aside from his technical expertise, Alexander maintains experience in the pharmaceutical sector. He earned his BS in Journalism and Mass Communication from Iowa State University.
