Nearly two-thirds (64%) of organizations suspect that they have either directly been targeted or have been affected by a cyber attack against a nation state. Additionally, 66% say they have changed their cybersecurity strategy in direct response to the conflict between Russia and Ukraine.

That’s according to new research from Venafi, a provider of machine-based identity management, which delved into the security implications of the growing number of attacks on nation-states and recent shifts in geopolitics.

Other key findings include that 77% believe we are in a state of permanent cyber warfare, 82% believe geopolitics and cybersecurity are inextricably linked, and another 68% have had more conversations with their board of directors and senior management in response to the conflict between Russia and Ukraine.

Moreover, 63% say they doubt they will ever know if their organization has been hacked by a nation state, and 64% believe the threat of physical warfare is a greater concern in their country than cyberwarfare.

The study, which surveyed more than 1,100 security decision-makers, also looked at the techniques used by nation-state threat actors and found that the use of machine-based identification is increasing in state-sponsored cyber attacks.

Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, says cyberwar is here. “It doesn’t look like what some people might imagine, but security professionals understand that any business can be harmed by nation states. The reality is that geopolitics and kinetic warfare must now be at the core of cyber security strategy.”

He said that state-sponsored APT groups have been known for years to use cybercrime to advance their countries’ political and economic interests and goals.

Unfortunately, he says, everyone is a target, and unlike kinetic military attacks, every company must defend itself against nation-state cyberattacks.

Kinetic attacks are a type of cyber attack that can cause direct or indirect physical harm, injury, or death through exploiting vulnerable systems and processes.

Reconnaissance, weapons are coming

The study also found that Chinese APT groups conduct cyberespionage to advance the country’s international intelligence, while North Korean groups channel cybercrime proceeds directly into their country’s weapons programs.

The SolarWinds attack, which compromised thousands of companies by using machine credentials to create backdoors and gain trusted access to key assets, is a stark example of the scale and scope of attacks against nation-states using compromised machine credentials.

More recently, Russia’s HermeticWiper attack, which hacked multiple Ukrainian organizations days before invading the country and used code signing certificates to authenticate malware, is another example of abuse of machine identification by national state actors.

Digital certificates and cryptographic keys that identify a machine are the foundation of security for all digital transactions, he explains. “Machine identifiers are used by everything from physical devices to software for secure communications. The only way to reduce the risk of machine identity abuse, which is commonly used by nation-state attackers, is through a control plane that provides observability, control and reliability.”

Attacks by nation states are very sophisticated and often use methods that have never been seen before, Bocek says.

“This makes them extremely difficult to defend against unless defenses are put in place before they happen. As machine identifiers are routinely used as part of the kill chain in attacks against nation states, every organization must up its game. The use of machine identifications is becoming a modus operandi for those attacking the nation-state.”

The study was conducted by Sapio in July this year and spoke to security decision makers in the US, UK, France, Germany, Benelux and Australia.

Source by [author_name]

Previous articleProgress has been made in paying suppliers on time
Next articleOneLogix is ​​going through a year of testing