Cyber Warfare in 2023: A.I. Rises, Infrastructure in Peril, Hackers Learn to ‘Live Off the Land’

The National Security Agency (NSA) released its 2023 cybersecurity report on December 19, looking back over a year in which China and Russia remained massive cyber threats, artificial intelligence (A.I.) displayed growing promise and peril, and cyber threats to critical infrastructure grew more alarming.

NSA Director and US. Cyber Command chief Gen. Paul M. Nakasone described the People’s Republic of China (PRC) as a “competitor with both the intent and ability to reshape the international order to fit its own designs,” an adversary “unique in the scope, scale, and sophistication of the threat it poses.”

Nakasone added that Russia “remains an acute threat,” thanks to both its military aggression in Ukraine and its “information operations intended to weaken democratic institutions around the world.”

The NSA director said A.I. “has the capacity to upend multiple sectors of society simultaneously,” especially if hostile nations develop a pronounced advantage in AI technology. The NSA created a new Artificial Intelligence Security Center in 2023 specifically to study both the advantages and dangers of this emerging technology.

Quantum cryptography is a new tech that shows great promise for protecting vital data and systems – unless it produces an unstoppable menace first.

Quantum computers are not merely faster than previous systems. They can process a huge number of operations simultaneously, using the principles of quantum physics, an exhilarating and terrifying prospect that is difficult to explain merely in terms of speed or processing power. To put it simply, powerful modern computers could count the grains of sand on a beach in a reasonable length of time, while quantum computers could count the number of atoms in the entire planet with comparable effort.

Peng Chengzhi operates Zuchongzhi 2, a 66-qubit programmable quantum computing system, at QuantumCTek Co., Ltd in Hefei, east China’s Anhui Province, July 21, 2023. (Photo by Jin Liwang/Xinhua via Getty Images)

The ability of quantum computers to do more than one thing at the same time is tremendously useful for cryptography and data security – or incredibly destructive, depending on whether the white hats or the black hats master the technology first. The only reliable defense against quantum attacks is a quantum shield.

2023 was the year in which the quantum sun began to rise over the cybersecurity horizon and the full possibilities of the technology came into focus. For example, cybersecurity experts speak increasingly of a future without passwords, because quantum computers will be incredibly good at guessing them. As the NSA put it: “Quantum computing may not feel like an imminent threat, but it is a looming threat for which action must be taken now.”

NSA Cybersecurity Director Rob Joyce noted that a potent new threat uncovered in 2023 was the development of “living off the land techniques” by hostile nation-state hackers.

Joyce was referring to a report in December about hackers linked to the People’s Liberation Army (PLA) of China who “burrowed into the computer systems of about two dozen critical entities over the past year” in an operation dubbed “Volt Typhoon” by U.S. cybersecurity analysts.

The Volt Typhoon hackers essentially “lived” in the computer systems they penetrated, laying low and performing some legitimate network functions with their invasive malware, creating a threat that could fester undetected for years before activation. “Living off the land” is a stealth technique that could conceal massive penetrations of critical systems until a hostile government gives the order to commit mayhem.

Joyce spotlighted the successful hunt for a highly sophisticated Russian virus called “Snake” as an example of inter-agency cybersecurity cooperation.

Snake was the most advanced malware ever deployed by Russia’s Federal Security Service (FSB), the successor to the KGB, as far as is publicly known. It wormed its way into targeted systems and created a massive secret network spanning over 50 countries, including the United States. FSB hackers were able to use Snake to steal a good deal of sensitive information before their network was detected, with targets ranging from government agencies to journalists.

Russian Federal Security Service officer patrols a street next to the FSB security service’s office in Moscow on December 19, 2019. (STR/AFP via Getty Images)

The NSA said international cooperation was increasingly crucial for catching major cybersecurity threats, such as 2023’s successful collaborations with Japan and South Korea. Such cooperation is especially urgent as the Russia-Ukraine war makes the cyber element of modern warfare apparent. Military alliances like NATO will need a high level of electronic harmony to keep capable adversaries from attacking their computer networks and automated weapon systems.

The Russia-Ukraine conflict made 2023 a watershed year for cyber warfare, including such landmarks as the limited deployment of the first fully autonomous drone weapons, or killer robots if you prefer. Electronic espionage is as much a part of this war as the thunder of artillery.

The Israel-Hamas conflict also features a great deal of cyber warfare, including no end of mischief from Iran, patrons of the Hamas terrorists.

Israel’s Cyber Directorate estimated in late December that at least 15 groups affiliated with Iran, and its proxies Hamas and Hezbollah, have launched major cyberattacks against Israel since the Hamas atrocities of October 7. 

Researchers from Microsoft and Mandiant, a security firm owned by Google, told a cybersecurity conference in November that there probably would have been more numerous and sophisticated attacks if Iran had more time to prepare before Hamas sent its rape gangs and murder squads into those Israeli communes.

Forbes noted it was a big year for civilian cybersecurity as well, with global attacks soaring by up to 45 percent as vulnerable cloud systems grew increasingly popular with consumers. 

Cloud computing is incredibly valuable and useful, and it has gained wide acceptance among consumers and businesses that would have scoffed at keeping all their precious data in cyberspace only a few years ago. Unfortunately, the cloud has become a very juicy target for hackers, and security experts have realized their defenses cannot compromise the speed or easy access consumers desire.

In its year-end cybersecurity analysis, Trend Micro concluded A.I. is something of an overhyped sideshow for the time being because it is not truly creative or adaptive. A.I. regurgitates data quickly and detects patterns, but it is easily fooled by giving it false data to work with, which limits its “usability for cybercrime.”

That might change in the future but, for now, the biggest contribution of artificial intelligence to online skulduggery has been turbocharging existing tactics like phishing, in which hackers fool targeted users with realistic-looking but toxic documents and emails. A.I. has become very good at generating realistic phishing bait, and it allows hacking campaigns to proceed with less human oversight, which allows “cybercriminals with limited skills to mount effective and lucrative attacks easily.”

Read More