Assessing nation-state-sponsored cyberattacks using aspects of Situational Crime Prevention

Research Summary: This study utilized a quantitative analysis of 246 cyberattack incidents reported in the Extremist CyberCrime Database to identify significant predictors of nation-state-sponsored cyberattacks relative to those performed by non-nation-state-sponsored ideological actors. Clarke and Newman's Situational Crime Prevention framework for terrorism was used to identify differential opportunities to successfully affect targets on the basis of tools, weapons, and the ability to access targets in online settings. The analysis noted nation-state-sponsored attacks were less likely to use high-visibility attack methods and more likely to utilize attack methods leading to data breaches. In addition, they were more likely to target state governments and military entities relative to ideological actors. Policy Implications: Nation-state attacks are more difficult to identify or mitigate while in process, requiring a more robust national cybersecurity policy framework to be implemented that moves beyond current practices. There is a need to better utilize all aspects of government, from legislation to grant funding, in order to deter cyberattacks from continuing into the future.