Ebene Magazine – Companies affected by nation-state cyber attacks by scatter shots – report


Businesses are the number one target of nation-state cyberattacks, which are increasingly aimed at a “broad spectrum” of victims, according to a report.

In terms of volume, the vast majority of cyberattacks are carried out by profit-driven criminal groups targeting low hanging fruit on a large scale.

However, an HP-sponsored report by Michael McGuire, professor of criminology at the University of Surrey, showed how the lines between traditional cybercrime and nation-state attacks have become increasingly blurred in recent years.

An analysis of more than 200 cybersecurity incidents related to nation-state activities between 2019 and 2021 showed a 100% increase in attacks carried out by or on behalf of countries.

The researchers note that the nation-state ruse is “inherently a notoriously opaque area of research”. As such, the study also relied on first-hand information gathering from informants operating on the dark web, as well as consultations with 50 practitioners in areas such as government, science, and law enforcement.

Businesses were the number one target for nation-state hacks, accounting for 35% of attacks. Intellectual property theft, supply chain disruption and stolen currency are among the main motivations for such attacks. The pandemic has seen an increase in nation states attempting to steal vaccine development data, with the report finding attacks on drug companies like Pfizer increased by 50%. In 2020, there were an average of 10 publicly attributed nation-state attacks per month, according to the report.

“When we look at nation-state activity through the lens of this report, it is no surprise that we have seen such an escalation over the past year. The writing has been on the wall for a while,” said McGuire. “Nation states invest a lot of time and resources in achieving a strategic cyber advantage to advance their national interests, information gathering capabilities, and military strength through espionage, disruption, and theft.”

The growing trend of nation-state cyberattacks can be partially explained by “the increasing use of cyber to support traditional military and intelligence objectives,” writes Ian Pratt, HP’s global director of personal systems security.

Cost and scale are important factors in explaining this cyber shift. Instead of sending a network of spies, a country can monitor its opponents with the push of a button. The right kind of malware delivered against the right target can be just as destructive as a missile.

And unlike a kinetic attack, it is far easier for nation states to cover their tracks with the help of proxy hacking groups. About 58% of the experts surveyed in the report believe that nation states are actively recruiting cyber criminals to carry out attacks.

While businesses may not be nation states’ primary targets, the report warns that they are increasingly being hit, either as direct targets or in the crossfire.

The recent SolarWinds hack is a prime example of a nation-state supply chain attack. At the end of 2020, nation-state hackers with ties to Russia exploited a security hole in the IT provider’s Orion software, which gave them access to more than 15,000 SolarWinds clients, including Microsoft, Cisco and Intel.

In early 2021, it was the turn of the China-affiliated advanced persistent threat group Hafnium, which used zero-day exploits to compromise over 20,000 organizations running on-premises Microsoft Exchange servers.

“Nation-state conflicts do not take place in a vacuum – as shown by the fact that companies are the most frequent victims of the cyberattacks analyzed,” explains Pratt. “Whether it’s a direct target or a stepping stone to gaining access to larger targets, as we saw in the upstream supply chain attack against SolarWinds, organizations of all sizes need to be aware of this risk. With the growth and complexity of cyber attacks in nation states, it is important that organizations invest in endpoint security to stay one step ahead of these evolving threats.”

Despite recent attacks like the attempted poisoning of a water treatment plant in Florida that made headlines, critical infrastructure has remained a minor nation-state target with only 10% of attacks.

It is common knowledge that hacking tools developed by nation states can and do end up for sale on the dark web. In some cases, these features have been traced back to the same countries in which they were developed. In 2017, the mysterious hacking group Shadow Brokers carried out a digital raid on the US National Security Agency (NSA) and stole the EternalBlue exploit that was used in the worldwide WannaCry ransomware attack and the NotPetya attack that same year.

Of the incidents analyzed in the study, 20% concerned “sophisticated, bespoke weapons” such as EternalBlue, developed by nation states. However, the majority of hacking tools – 50% – were “inexpensive” and available on the dark web.

The investigation found that most of the instruments used by nation states were used for surveillance purposes, as secret services wanted to remain covert rather than destructive.

“This unprecedented amalgamation of politics, strategic maneuvers, trade and crime presents the regulation of the digital world with unique challenges, in particular the search for common areas of interest that can reduce tensions between nation states,” writes McGuire.

All of this has resulted in what the report calls the “Web of Profit,” where nation states develop, buy and sell hacking tools and hire cybercriminals.

“In this way, nation states have become both beneficiaries and contributors to the Web of Profit that defines the cybercrime economy,” the report said.

This activity feeds into a cybercrime industry that is estimated to have more than $1.5 billion in annual sales, a number well above that of the most profitable companies combined. These are the effects of stolen digital currency, data, and intellectual property. The associated revenues have even boosted economic indicators such as GDP, foreign exchange reserves and export value, the report said.

This is perhaps most notable in North Korea, which has increasingly turned to cybercrime to evade sanctions against the authoritarian state. Its hacking efforts included an $81 million digital bank robbery against the Central Bank of Bangladesh in 2016.

The increasing overlap between military targets and cyberattacks has led to calls for a cyber treaty to set clearer rules of engagement in cyberspace. Of the experts surveyed in the report, 70% said that such a treaty is necessary to prevent cyberwarfare from escalating. However, only 15% believe that an agreement will be reached in the next 5 to 10 years.

The cyber threat landscape is constantly evolving, whether it’s new twists in proven techniques or new technologies.

According to McGuire, deepfakes, swarms of drones and quantum computers “with the ability to damage almost any encrypted system” are the threats of the future.

“We’re all in the crossfire now, so it’s important that every company do everything possible to protect themselves and their wider network,” added Pratt.

Ref: https://www.verdict.co.uk