New findings from Venafi: 64% of Businesses Suspect They’ve Been Targeted or Impacted by Nation-State Attacks. Among the key findings:
- 82% believe geopolitics and cybersecurity are intrinsically linked
- 77% believe we’re in a perpetual state of cyberwar
- More than two-thirds (68%) have had more conversations with their board and senior management in response to the Russia/Ukraine conflict
- 63% doubt they’d ever know if their organization was hacked by a nation-state
- 66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine
- 64% suspect their organization has been either directly targeted or impacted by a nation-state cyberattack
The survey of over 1,100 security decision makers (SDMs) globally found that 66% of organizations have changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, while nearly two-thirds (64%) suspect their organization has been either directly targeted or impacted by a nation-state cyberattack.
With all of this diplomacy gone wrong, it is no wonder that wars are being fought… but they are predominantly fought in the cyber world. Many are correct to believe that cybersecurity and geopolitics are directly linked. If anything, businesses have learned this lesson the hard way: being a private-sector, multinational organization does not make them invincible to an enemy nation’s ransomware. Or better yet, a private business operating abroad becomes a target for spyware (cough, cough, China and Huawei) on the suspicion that it is harboring its home country’s government secrets.
Despite a nation-state’s obvious agenda for zeroing in on military and government targets, such adversaries have become bolder and less dismissive of attacking private businesses, regardless of that company’s allegiance to serving consumers internationally. Therefore, every private institution needs to align its policies with “security first” thinking.
While most businesses have IT departments, many still lack a well-trained and sophisticated cybersecurity team within their organization. Changes toward a more secure network and security structure need to be made, along with recruiting the people who can do the job effectively (not just a one-person team). If companies fail to get started before it is too late, most of the world will find itself at the mercy of cyber outlaws.
Nation-state actors have the added advantage of sophisticated toolkits combined with well-coordinated human and compute resources that can make them particularly deadly. The de-perimeterization of the corporate network over the past decade, coupled with working from home during the COVID-19 pandemic, has created a perfect storm: IT has lost control of the infrastructure, and the attack surface has broadened to include the Internet.
Typical VPNs or ZTNA solutions stop at the network level and are unable to withstand a targeted assault from nation-state actors who can penetrate the protocol stack with advanced attacks. Corporations and governments alike should look at advanced cyber defense techniques like stealth networking to obfuscate source-destination relationships and flows of interest, thereby ensuring protection of sensitive data and resources.
Security teams need to remember that they have governmental customers or users that have governmental customers, and so they and their customers will be persons of interest to the malicious actors.
Malicious actors work by looking for the intermediate openings to get to the target. They will move from E to D to C to B to get to A, their actual target, threading the needle and traversing weaker points of entry. For example, they go through the schools to a local government, and then to the State and then to the Federal Government target, because we’re all connected nowadays. Global conflicts begin locally. Think of it this way: “To hack Globally, start Locally.”
Threat actors look for the easiest and smallest point of vulnerability. North Korea went after influencers in the hacker space to get into their potential government contacts, and then moved laterally to the larger targets.
The issue is not really about whether an organization has a connection to the government; threat actors assume that at some point in the chain many organizations either do or will have those connections. Organizations need to know that threat actors are looking to move through them to reach their desired target, and that they themselves may not be the actual main target.