Rogue nations including China, Russia, Iran and North Korea continue to close the cyber capabilities gap on the U.S., utilizing a range of operations that have created an increasingly complex and difficult security landscape to navigate.
“Cyber warfare isn’t just about access to sensitive or classified information,” Jamil Jaffer, founder and executive director at the National Security Institute at the George Mason University Law School, told Fox News Digital. “It can have real physical effects.”
The cybersecurity landscape has shifted over the past 10 years, due in part to disclosures from various nations, including the U.S., into how their national cyber toolkits work, allowing other countries to quickly develop capabilities they had lacked.
Jaffer labeled China “the largest threat” in cyberspace due to the long-term hacking campaign the country has maintained with deep inroads to U.S. systems, along with the Russians. But he highlighted the significant threat of developing cyber nations like Iran and North Korea.
Those nations have utilized their cyber capabilities in a range of ways, from suppression of the general population through limiting internet access to outright monetary theft and the attack of foreign assets and terrorism.
“The really scary thing about the Iranians, the North Koreans — in part because we so successfully cut them off from the world economic system — is that they have both now the growing capability, desire, and potentially the freedom to act,” Jaffer, who previously served as associate counsel to President George W. Bush and senior counsel to the House Intelligence Committee, explained.
“The Russians and Chinese have better capabilities, they have more access, but they’re going to step more carefully, whereas the North Koreans, the Iranians are really gaining ground and are maybe more willing to take actions that the Russians and Chinese wouldn’t because they’re willing to bear that price,” he added. “And so they, to me, represent a significant threat.”
North Korea has focused on its financial gain, using phishing scams and crypto theft as means of gaining money and bypassing international sanctions. Through their cyber capabilities, the hermit kingdom has “extracted a tremendous amount of money from the global economy,” according to Jaffer.
“They’ve engaged in significant theft of money, including from major payment systems and banking institutions, so they’re very capable in that realm as well,” he added. “That’s a key element of their cyber efforts.”
Iran has used cyberwarfare to achieve a variety of goals, including the suppression of access to the internet to prevent opponents of the regime from organizing, including periodic blackouts at the start of the months-long protests that started in September 2022, and attacks on foreign infrastructure.
“Iran’s regime has dedicated its resources to improving its cyber capabilities for years now, realizing that this is an area of vulnerability for the U.S. and Europe,” Lisa Daftari, a Middle East expert and editor-in-chief of The Foreign Desk, told Fox News Digital. “Their capabilities are steadily improving as a significant arm of their military apparatus.
“This is Tehran’s way of saying, ‘Look at us, we are here, and we see you,” she added. “It’s a threat to silence its opponents and a flex of their own might. They use everything from malware to ransomware to get their point across.”
As dangerous as Iran and North Korea have grown with their capabilities, Russia remains at the forefront of cyberwarfare, which has played a significant role in its Ukraine invasion.
Russian President Vladimir Putin has made use of a group called Cyber Front Z to help spread his propaganda online, a more organized and public-facing “troll factory” than the kind Russia normally utilizes. “Troll farms,” as they are more commonly called, aim to disrupt naturally trending topics and online discourse to spread misinformation.
While Russia regularly uses such farms, it has gone to great lengths to make Cyber Front Z appear as a grassroots organization, reflecting the likes of cyber collective Anonymous, in an effort to hide its goals and create deniability, according to Ivana Stradner, a research fellow at the Foundation for Defense of Democracies focusing on Russia’s information warfare.
“Russia’s never openly talking about its offensive information operations activities. They only talk about their defensive information operations activities,” Stradner told Fox News Digital. “If you read the latest national security strategy for 2021, they for the first time devoted a special chapter on information security. They talked about information operations.”
Stradner said that Russia wants to void ties to the group because it creates “plausible deniability” and allows Russia to avoid “any responsibility” even though you have “all those hackers … that clearly operation behalf of the Russian state.”
A Newsweek report on Cyber Front Z at the start of the Ukraine invasion referred to them as “pro-Russia activists” who organized on social media platform Telegram to recruit “cyber troops,” citing Russian media outlets. Vice in April 2022 referred to the group as “the People’s Movement” that was “spreading Russian propaganda.”
But Vice also pointed to a report from independent St. Petersburg-based media outlet Fontanka that revealed the group to be “just another Kremlin-linked troll farm, where people are paid to post disinformation in a targeted and coordinated manner.”
Moscow’s cybernetic reach extends even to countries like Serbia and areas in Africa, where it seeks to establish information superiority and control cyberspace, according to Stradner.
“They do not need to be rolling tanks in any of those countries as long as they can win the popularity and win what’s been once called hearts and minds of those people,” she explained, adding that this is “precisely also the role of Cyber Front Z.”