Two in three businesses suspect they have been targeted by a nation-state cybercriminal organization since the outbreak of war between Russia and Ukraine, according to a cybersecurity analyst.
Citing a survey of more than a thousand decision-makers at companies, and the recent dramatic shift in geopolitics prompted by Russia’s invasion, Venafi said 66% of respondents had changed their cybersecurity posture as a direct response to the outbreak of war - while 64% said they suspected their organization had been “either directly targeted or impacted by a nation-state cyberattack.”
Perhaps more worryingly still, a similar proportion (63%) said they doubted if they would ever know if their organization had actually been subjected to a state-backed cyber-assault.
These findings appeared to play directly into a highly politicized view of cybersecurity among company bosses, with more than eight in ten (82%) saying they believed it and geopolitics were “intrinsically interlinked.”
“Cyberwar is here,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “It doesn’t look like the way some people may have imagined, but security professionals understand that any business can be damaged by nation-states.”
He added: “The reality is that geopolitics and kinetic warfare now must inform cybersecurity strategy. We’ve known for years that state-backed APT [Advanced Persistent Threat] groups are using cybercrime to advance their nations’ wider political and economic goals. Everyone is a target and, unlike a kinetic [conventional] warfare attack, only you can defend your business against nation-state cyberattacks.”
Bocek added that nation-backed breaches are particularly virulent because they tended to innovate attack vectors, coming up with new ways to catch out unwary organizations.
“Nation-state attacks are highly sophisticated and they often use techniques that haven’t been seen before. This makes them extremely difficult to defend against if protections aren’t in place before they happen,” continued Bocek.
Foremost among such trends recently observed was the use of machine identities to target the digital certification and cryptographic keys that underpin all secure transactions.
“Because machine identities are regularly used as part of the kill chain in nation-state attacks, every organization needs to step up their game,” said Bocek. “Exploiting machine identities is becoming the modus operandi for nation-state attackers.”
More from Cybernews:
Subscribe to our newsletter