Treat cybercrime as a national security threat, Google warns.SOPA Images/LightRocket via Getty ImagesWhen the term national security threat is used in a cyber sense, thoughts maybe turn to the likes of suspected Chinese state-affiliated hackers attacking the U.S. Treasury, or perhaps Russian ransomware gangs claiming to have data that could destroy the FBI. But according to a report from the Google Threat Intelligence Group, financially motivated cybercrime attacks, including those without any ties to state actors or aspirations, can be just as harmful to national security. A single incident can be impactful enough on its own to have a severe consequence on the victim and disrupt citizens' access to critical goods and services, Google has warned, concluding that cybercrime must be treated as a national security priority that requires international cooperation.Google Warns Of Multifaceted National Security Threat From CybercrimeNational security practitioners pay more attention to state-affiliated hacking groups than they do to cybercrime activity, despite the latter making up the vast majority of malicious activity online, according to a Feb. 12 Google Threat Intelligence Group report. Nothing wrong with that, you might think, after all, theres a big difference between cybercrime and state-sponsored attacks that impact national security, right? Google isnt so sure that the two can be evaluated in isolation despite the severe risk posed by state-backed hacking.A hospital disrupted by a state-backed group using a wiper and a hospital disrupted by a financially motivated group using ransomware have the same impact on patient care, the Google Threat Intelligence Group analysts argued; Likewise, sensitive data stolen from an organization and posted on a data leak site can be exploited by an adversary in the same way data exfiltrated in an espionage operation can be.Im inclined to agree. Just looking at the attacks against healthcare providers, with millions of patient records stolen and even blood donor supplies disrupted, should be enough to convince most people that whatever the motivation the threat to national security is very real. Healthcare's share of posts on data leak sites has doubled over the past three years, Google warned, even as the number of data leak sites tracked by Google Threat Intelligence Group has increased by nearly 50% year over year.Google Says Cybercrime Facilitates State-Backed HackingThe Google report cited how Russia has used cybercriminal capabilities during the war in Ukraine, with the military intelligence-linked Sandworm unit, known as APT44, employing malware available from cybercrime communities to conduct espionage and disruptive operations. Iranian threat groups also deploy ransomware to raise funds and conduct espionage at the same time, while Chinese spy groups often supplement their income with cybercrime, Google said. North Korea uses state-backed groups to directly generate revenue for the regime, the report explained; North Korea has heavily targeted cryptocurrencies, compromising exchanges and individual victims crypto wallets. All of which serves to demonstrate that states are purchasing cyber capabilities through the use of cybercrime, and co-opting criminals to conduct state-directed operations to steal data.Only by recognizing the cybercrime threat as also being a national security one can the root causes be tackled. Cybercrime involves collaboration between disparate groups often across borders and without respect to sovereignty, Google said, so any solution must also use international cooperation by both law enforcement and intelligence agencies to track, arrest, and prosecute these criminals.