Full Report
Harmful cyber operations are growing in pace, scale and impact. Cyber operations targeting critical infrastructure have increased significantly in recent years. The number of cyber actors is also on the rise, with generative AI aiding criminals in carrying out their operations. Many states now have laws that criminalize cyber activity such as online fraud and hacking. But cyber means can also be used to facilitate…
Analysis Summary
# Main Topic
The increasing pace, scale, and impact of harmful cyber operations, specifically focusing on the intersection of cybercrime, critical infrastructure targeting, and the potential for cyber means to facilitate or constitute international crimes (genocide, crimes against humanity, war crimes, and aggression).
## Key Points
- Harmful cyber operations are actively growing in pace, scale, and impact across the board.
- Cyber operations specifically targeting critical infrastructure have seen a significant increase in recent years.
- The quantity of cyber actors is rising, partly enabled by generative AI assisting criminals.
- Many states have implemented laws criminalizing standard cyber activities (e.g., online fraud, hacking).
- Cyber means are also explicitly identified as being used to facilitate or commit serious international crimes.
- There is an urgent requirement to enhance the prospects for prosecuting these cyber-enabled international crimes.
## Threat Actors
- Cyber actors (general threat population) are increasing in number.
- Generative AI is noted as a tool aiding criminals in carrying out their operations.
- Specific threat groups are not detailed in the provided context, but state-sponsored actors capable of international crimes are implied.
- A specific external article mentioned a "Russian hacker alliance targeting Denmark."
## TTPs
- Cyber operations targeting Critical Infrastructure (CI) are a primary tactic noted.
- Use of cyber means to facilitate or commit international crimes (genocide, war crimes, etc.) is a noted application.
- Generative AI is aiding malicious actors in executing operations.
- Standard cybercrime techniques such as online fraud and hacking are criminalized under state laws.
## Affected Systems
- Critical Infrastructure (CI) is a specifically targeted sector seeing increased cyber operations.
- Systems involved in committing international crimes via cyber facilitation are implicitly affected/utilized.
## Mitigations
- Numerous states have enacted laws to criminalize cyber activity such as online fraud and hacking (legal/deterrent mitigation).
- There is an urgent need to improve the prospects for prosecution for cyber-enabled international crimes, suggesting legal/judicial strengthening is a key defensive measure.
## Conclusion
The threat landscape is characterized by increased volume and sophistication, particularly concerning critical infrastructure. A novel aspect of this threat analysis is the growing use of cyber operations to breach international law concerning grave crimes, necessitating a focus not just on cybercrime prosecution but on international criminal justice apparatus leveraging cybercrime investigation routes.