• DigitalBank Vault

The 2020 Cyber-Mercenaries

Updated: Dec 23, 2020

What happens when private firms have cyberweapons as powerful as those owned by governments?

If part of the danger comes from the blurriness of the line that separates cyber defense and cyber offense, another part comes from the almost nonexistent distinction between the private and public spheres online.

In July, for example, Israeli authorities announced multiple indictments against a former employee of NSO Group, alleging that he had stolen sensitive proprietary code on his way out of the firm. But the unnamed employee was also charged with attempting to undermine national security: He had apparently tried to sell the information for $50 million in cryptocurrency to a foreign buyer on the darknet, the vast anonymous hinterland of the internet inaccessible by regular search engines.

This incident, quickly detected by the firm, is just one case among many that show how intimately the private and public spheres are linked in cyberwarfare. Capabilities that were once the sole province of governments frequently find their way into private—often criminal—hands.

The Stuxnet virus code is now publicly available. In 2013, a cyberweapon developed by the NSA that exploited vulnerabilities in Microsoft Windows was stolen by hackers—possibly Russian—and posted online; in May 2017, other hackers—possibly North Korean—then used the tool to launch a worldwide ransomware attack. The attack, called WannaCry, is believed to have infected 200,000 computers in more than 150 countries, including major parts of the British National Health Service before it was rolled back. In a separate 2013 case, Mandiant, a private U.S. cybersecurity firm, proved that hackers affiliated with the Chinese military were targeting U.S. corporations and government agencies. And in 2015, Israeli Unit 8200 reportedly hacked into Kaspersky Lab, a global leader in anti-virus software, and discovered that the private company had been acting as a back door for Russian intelligence into its clients, including two dozen U.S. government agencies.

Stuxnet is name-checked repeatedly by experts in the field and with good reason: It was a highly successful cyberattack against a state actor that caused real physical damage. Yet Stuxnet may already be outdated as an analytical touchstone. As Gabriel Avner, an Israel-based digital security consultant, said, “A decade in tech is an eternity.” These days, the attack surface is growing, said Zafrir, the former Unit 8200 commander who now runs Team8, a combination venture capital fund, incubator, and ideas lab. The development that worries him and other experts most is the proliferation of the internet of things.

“Everything is becoming a computer—your phone, your fridge, your microwave, your car,” said Bruce Schneier, an expert on cyber-related issues at Harvard University. The problem is that the internet, which came of age in the 1970s and 1980s, was never designed with security in mind. So everyone is now scrambling to play catch-up, patching holes in both information systems (e.g., software programs) and operating systems (e.g., physical industrial plants) that are outdated, poorly written, or simply insecure. “Attacks always get faster, easier, and better,” added Schneier, the author of Click Here to Kill Everybody: Security and Survival in a Hyper-connected World.


