Will New Zealand see more Russian hackers targeting its interests?

Over the past several years, the extent and brazenness of Russian state-sponsored cyber attacks have become publicly known. An early indication was the breach of French station TV5Monde in April 2015, where Russian hackers attempted to pose as a group linked to the Islamic State. A series of events have followed which included Russian hackers breaching the World Anti-doping Agency and the U.S. Democratic National Committee, targeting Dutch Government entities, and likely causing power outages in Ukraine.

Part of what we have seen is the Russian state using cyber attacks to conduct psychological operations. Psychological operations intend to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately their behaviour.

The motivations behind Russian state hackers appear the most diverse of any state-sponsored group worldwide. For example, China is best known for the theft of sensitive commercial data, such as intellectual property, to gain competitive advantages; and targeting bulk personally identifiable information (PII) to the likely benefit of their intelligence operations. North Korea and Iran have become known for more destructive cyber aspirations, as illustrated by North Korea’s attack against Sony Pictures and their potential links to the WannaCry ransomware, while Iran was behind the attack on Saudi Aramco in 2012.

However, the Russian hacking activities form an integral part of a more sophisticated criminal enterprise, bent on extortion and profiteering, according to Harvard Business Review’s Michael Sulmeyer. The Russian security services have extensive ties with the criminal underworld, and whether their hackers are working for the government or the mob can at times be a meaningless distinction, says Sulmeyer. As highlighted in a recent U.S. Department of Justice indictment, the Russian government will sometimes target businesses to further its intelligence activities. Other times, it will work with criminal elements for criminal purposes.

As a result, businesses and governments are both targets. Businesses can become a target not because hackers see intrinsic value in their data, but because they may be comparatively easy targets.

The security risk for New Zealand private and public entities will likely increase if New Zealand and Russia re-start, and finalise free trade talks that were halted after the 2014 annexation of the Crimean peninsula. With the Russian economy being the world’s 13th largest, a free trade agreement would see import and export figures grow substantially.

Free trade would open New Zealand businesses up to foreign direct investment and technology transfer, but also potential theft of intellectual property.

The majority of known recent cyber events points to Russian state-sponsored cyber groups focusing their efforts on the U.S., European nations, and Russia’s “near abroad” — the states of the former Soviet Union — for geo-political and espionage reasons. However, because of Russia’s diverse motivations, their focus may shift in the future to include targeting new and growing international relationships based on economic and intelligence value.