The rise of nation-state attacks

1 September 2019 News & Events

A new phase of cyber warfare has begun. Hackers acting on behalf of nation-state powers are no longer just out to disrupt critical infrastructures – they’re also actively seeking trade secrets. New battle lines have been drawn across the world, and organisations need to tool up accordingly.

The recently released Verizon Data Breach Investigations Report (VDBIR) is an eye-catching case in point, noting a sharp uptick in nation-state attacks, rising from 12% of all analysed breaches to 23% in the past year. 25% of breaches are currently influenced by cyber espionage, rising from 13%.

Hackers’ goals

Further research compiled by the Swedish Security and Defence Industry Association (SOFF) echoes VDBIR’s 25% espionage figure, but also breaks the issue down by sector.

Remarkably, 94% of all attacks currently aimed at the manufacturing industry are motivated by espionage, usually with the intent to steal trade secrets or sabotage plants. As an example – and a mere tip of the iceberg – Norwegian software firm Visma recently revealed that it had been targeted by hackers from the Chinese Ministry of State Security attempting to steal trade secrets. In another notable instance, Boeing revealed that, between 2009 and 2014, Chinese hackers were able to gain network access to steal 65 gigabytes of data on military aircraft. The nature and style of the attack come as no surprise. Manufacturing – along with public administration and educational services – tends to aggregate large volumes of attractive, highly sensitive data.

SOFF predicts that security researchers now spend 90% of their time looking into espionage-based targeted attacks. Ten years ago, they would spend similar amounts of time focusing on criminal campaigns.

The financial impact associated with data breaches, espionage-based or not, is too consequential for organisations to ignore. SOFF also adds that it is worth understanding how 90% of the impacts caused by a cyberattack tend to be hidden (beyond the obvious outlay for mitigation, customer notification or legal action).

The techniques

In the last year alone, recent Infosec analysis shows an explosion of underground hacker marketplaces on the dark web. There are at least 300 hacker communities in existence, some with as many as half a million registered users, all packed to the gills with resources and disruptive tips.

In another alarming trend, hackers acting on behalf of nation-states are also increasingly carrying out zero-day attacks. Cybersecurity Ventures research predicts there will be one zero-day attack a day by 2021. Unfortunately, a zero-day attack is the first instance of a vulnerability being exploited so, if adequate defences aren’t in place, organisations will have a messy clean-up operation on their hands.

Another favoured technique is phishing, whereby attackers trick employees into providing their credentials and log-in details via fraudulent emails and communication. Recent analysis from PhishMe found that phishing emails are responsible for 91% of cyber-attacks – a concerning trend, but one that could soon be reversed with adequate training mechanisms.

How to stay one step ahead

The number of state-sponsored attacks is only going to rise with the imminent impacts of trends like 5G and IoT. New attack surfaces are always expanding for switched-on cybercriminals.

As you’d expect, a range of new technologies are emerging to aid the fightback. For example, AI solutions are being developed that can analyse all traffic in real-time to spot unusual behaviours and anomalies previously out of sight. These types of AI are explicitly designed to understand how traffic is meant to function, automatically flagging problems as they occur.

Whatever the technology mix looks like, both now and into the future, there will always be a need to apply security at every level and on every surface: endpoint, application, and infrastructure. Applications require consistent, intelligent and adaptable policies wherever they reside (on-premises, in the cloud or in a multi-cloud environment). Protecting perimeters is no longer enough.

Modern authentication techniques, such as the principle of least privilege and two-factor authentication, should become the norm. As ever, organisations should constantly review and update security settings and tools, running regular penetration tests to monitor and improve staff behaviour. Organisations also need to control wayward BYOD activity and ensure all staff are equipped with the tools they need to do their jobs safely. It is a dangerous world out there. Pre-emption, prevention and continuous education are the ways ahead.




