Advanced Persistent Threats (APTs) are a prime concern in the formulation and implementation of national cybersecurity policies. These threats often also involve complex social engineering tactics which are undergoing a quantitative and qualitative revolution with burgeoning AI capabilities. However, the attribution of these APT activities can be mired with technical and political considerations. We analysed 142 APT groups’ attributions along with their use of social interaction vectors to ascertain the nature of the risk environment and the operational threat landscape of AI and social automation. We discover that close to 80% of APT activities could be chalked up to merely 20% of key nation-state threat actors competing with each other. We further discuss the implications of this political threat distribution for national cybersecurity environments.
Keywords: cybersecurity, AI Policy, advanced persistent threats, automation, social engineering