Executive Summary: Organizations and Nation-State Cyber Threats
By John Fokker · March 28, 2022
Traditionally when we talk about threat actors, we first need to make the split between cybercrime and nation-state sponsored operations. Where cybercrime is mostly focused on financial gain, nation-state operations are often conducting strategic attacks to disrupt an adversary or in it for the long run, conducting intelligence operations to gain intellectual property to serve an economic or military goal.
However, over the years those lines have blurred and with the recent leaks of the chats of the Conti and Trickbot crews, government involvement cannot be excluded as the chats hinted towards State influenced cybercrime behaviour. Our team recently launched a new report – In the Crosshairs: Organizations and Nation-State Cyber Threats – written by the Center for Strategic and International Studies (CSIS) and based on a survey of 800 IT decision makers by Vanson Bourne. We sought to understand: are security teams capable, with their current technology and skills, to differentiate between these two and are they able to respond accordingly? This report digs into answering this questions and how global companies are coping with the cybersecurity challenges that come with nation-state threat actors.
Another change we have observed over the years is that, in most conversations when we talk about cyber incidents, the word “data” is used generically, like “the actors were after classified or sensitive data.” What exactly do we mean by data? Is it the intellectual property the actors are after? Or is it the data that will show them how to lateral move through the network? In other words, was the data that was stolen used in achieving the threat actor’s objective or was obtaining the data the actual objective? With the shift to an ‘always-on economy,’ attackers started to encrypt the data to impact the availability of the services? And if that is not enough, the actors are more than happy to leak data if they’re not paid fast enough, or a company refuses to pay because they have a working backup and recovery process in place.
One of the surprising outcomes of our survey is that respondents mentioned outdated infrastructure. We would expect that investments are yearly made to keep the infrastructure up to date, to serve the demands and changes that are constantly happening. Combined with responses around the cybersecurity skills shortage and an observed increase of cyber-attacks over the years, concerns raised about outdated security technology should raise a call to action across both the private and public sector. On top of that 10 percent answered honestly that there was no security strategy. Concerning in the light of the increasing number of cyber-attacks over the years. Whether it is nation-state or cybercrime-related, being able to detect, block and protect is key, and key to keep our society running.
RECENT NEWS
-
Feb 5, 2025
Trellix Accelerates Secure Cloud Adoption in Australia with New Government Accreditations
-
Jan 28, 2025
Trellix and NEXTGEN Accelerate Cybersecurity Platform Adoption in Australia and New Zealand
-
Jan 22, 2025
Trellix Welcomes New CEO to Lead Next Phase of Growth
-
Jan 14, 2025
Trellix Accelerates Global Partner Growth with Revamped Xtend Partner Program
-
Jan 13, 2025
Trellix Promotes Gareth Maclachlan to Chief Product Officer
RECENT STORIES
Latest from our newsroom
Get the latest
Stay up to date with the latest cybersecurity trends, best practices, security vulnerabilities, and so much more.
Zero spam. Unsubscribe at any time.