The increasingly blurred line between espionage and cyberattacks
Albania has severed diplomatic relations with Iran and expelled all its diplomats and foreign embassy personnel over an alleged cyberattack in July, setting a diplomatic precedent that will surely be repeated around the world in the years to come.
As more and more nations’ critical infrastructure has shifted online, cybersecurity has become a key issue. Earlier this year, after the inauguration of its new president, Costa Rica found itself in an unprecedented situation: such important parts of its infrastructure as tax collection or customs management were completely disabled by a ransomware attack, with the criminals behind it demanding a $20 million ransom in cryptocurrencies, prompting the government to declare a state of emergency.
Cyberattacks, which can cripple countries, are increasingly being carried out by groups with ties to a number of governments known to have been implicated in schemes of this type. While all governments obviously maintain some form of cybersecurity-related activity and some engage in cyberespionage schemes on a relatively regular basis in the same way that such activities have been carried out through other channels, several have been carried out to destabilize countries. Among the best-known culprits are Russia, Iran and North Korea, although there is little hard evidence.