If you are wondering why I am re-writing this blog post, it is because the old version was terrible and didn’t explain it very good.
State-sponsored attacks / incidents are where government organizations target and attack certain companies such as Google or Facebook and try to steal personal information. This information often contains things which identify and expose members of the public. The state-sponsored actors often find and use vulnerabilities in services to steal this information, which is referred to by some as ‘hacking’ or ‘exploiting’ those services.
What personal information is collected / stolen?
Many things are stolen such as names, gender, phone number, date of birth, home address and many more. The government organisations use this information to identify and locate activists or people who are wanted by the police. However, recently there has been a number of attacks where information was stolen belonging to random members of the public.
What government is doing it the most?
There has been many debates about this, but by far the most notorious countries known for these attacks are Russia, United States, United Kingdom and China. China was somewhat expected to be in this list * as the Chinese government already do some suspicious things with their internet communications.
What vulnerabilities do they use?
Many vulnerabilities are being exploited such as MITM, XSS, SQL Injection or even Cross Site Request Forgery. Some attackers even use one vulnerability to find another.
Many large companies are warning people if they are believed to be a target of a state-sponsored attack, such as Google, Yahoo, Facebook and Twitter. This means that if you are targeted, you can protect your identity and personal information by removing them from these services, before the governments actually obtain this information.
* – This is my opinion and I was not trying to be stereotypical or ‘racist’.