Executive Summary: Organizations and Nation-State Cyber Threats
By John Fokker · March 28, 2022
Traditionally when we talk about threat actors, we first need to make the split between cybercrime and nation-state sponsored operations. Where cybercrime is mostly focused on financial gain, nation-state operations are often conducting strategic attacks to disrupt an adversary or in it for the long run, conducting intelligence operations to gain intellectual property to serve an economic or military goal.
However, over the years those lines have blurred and with the recent leaks of the chats of the Conti and Trickbot crews, government involvement cannot be excluded as the chats hinted towards State influenced cybercrime behaviour. Our team recently launched a new report – In the Crosshairs: Organizations and Nation-State Cyber Threats – written by the Center for Strategic and International Studies (CSIS) and based on a survey of 800 IT decision makers by Vanson Bourne. We sought to understand: are security teams capable, with their current technology and skills, to differentiate between these two and are they able to respond accordingly? This report digs into answering this questions and how global companies are coping with the cybersecurity challenges that come with nation-state threat actors.
Another change we have observed over the years is that, in most conversations when we talk about cyber incidents, the word “data” is used generically, like “the actors were after classified or sensitive data.” What exactly do we mean by data? Is it the intellectual property the actors are after? Or is it the data that will show them how to lateral move through the network? In other words, was the data that was stolen used in achieving the threat actor’s objective or was obtaining the data the actual objective? With the shift to an ‘always-on economy,’ attackers started to encrypt the data to impact the availability of the services? And if that is not enough, the actors are more than happy to leak data if they’re not paid fast enough, or a company refuses to pay because they have a working backup and recovery process in place.
One of the surprising outcomes of our survey is that respondents mentioned outdated infrastructure. We would expect that investments are yearly made to keep the infrastructure up to date, to serve the demands and changes that are constantly happening. Combined with responses around the cybersecurity skills shortage and an observed increase of cyber-attacks over the years, concerns raised about outdated security technology should raise a call to action across both the private and public sector. On top of that 10 percent answered honestly that there was no security strategy. Concerning in the light of the increasing number of cyber-attacks over the years. Whether it is nation-state or cybercrime-related, being able to detect, block and protect is key, and key to keep our society running.
Mar 15, 2023
Trustwave and Trellix Announce Strategic Partnership to Deliver Best-in-Class Managed Detection and Response to Protect Global Organizations
Feb 22, 2023
Trellix Finds LockBit Ransomware Gang Most Apt to Leak Stolen Data
Feb 8, 2023
Trellix Launches Xtend Global Channel Partner Program
Feb 6, 2023
President Biden Names Bryan Palma to National Security Telecommunications Advisory Committee
Jan 17, 2023
Trellix Endpoint Scores 100% Detection with Zero False Positives in Latest SE Labs Endpoint Security Test
The latest from our newsroom
The Bug Report – January 2023 Edition
By Jesse Chick · February 1, 2023
January began with a headache on a Sunday morning and, if you happen to be on the receiving end of this month's remote code excitement, it ended with one, too.
Cyberattacks Targeting Ukraine Increase at End of 2022
By Daksh Kapur, Tomer Shloman, Robert Venal and John Fokker · January 24, 2023
From malicious email and URLs to nation-state backed use of malware, cyberactivity continues to accompany kinetic military activity and social discontent.
Trellix to Lead the XDR Market
By Daniel Ramos · December 19, 2022
Recognition by the analytical firms and peer review programs in all the main XDR front-end components including EDR, NDR, SEG, CWWP, and DLP.
Get the latest
We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.
Zero spam. Unsubscribe at any time.