Cyber Attacks By Nation States On The Rise

Nation-states with considerable resources are attacking US-based targets’ cyber-defenses at an increasing rate each year. Is your organization prepared to defend itself?

The 2019-2020 Global Application & Network Security Report by Radware doesn’t offer very encouraging data for the state of cybersecurity as we begin a new decade. Respondents to the survey report an increasing rate of attacks by cybercriminals not based in the US, as well as mounting concern over the security offered by newer technologies like the cloud and the Internet of Things.

Are you prepared to deal with the growing threat of cybercrime, as your organization adopts newer technologies?

What Threats Do You Need To Mitigate?

Perhaps the most concerning statistic determined in Radware’s report is the growing rate of nation-state cyber attacks. Whereas in 2018, only 19% of organizations believed they had been targeted by nation-states in a cyber attack, that number grew to 27% in 2019.

Often originating in Asian and Middle Eastern countries, nation-state cyber attacks are uniquely dangerous because, compared to garden-variety, US-based hacks, they are often executed with greater resources and near-total immunity from any sort of justice.

For example, in mid-2019, Microsoft warned more than 10,000 users that their personal data may have been affected by nation-state attacks originating in Iran, North Korea and Russia. 84% of these attacks targeted businesses, and the remainder went after individual accounts. These attacks are perpetrated by the same groups that target the Democratic National Committee and the US government itself.

What Could Put You At Risk?

Many respondents in Radware’s report note anxiety in using newer networked devices and smart technologies that are not necessarily as secure as conventional onsite IT environments. Potential cybersecurity risks include:

The Cloud

Whereas two in five managers stated they relied on a hybrid environment made up of cloud and on-premise data centers, only one in ten felt confident in the security of their data in public clouds.

According to Check Point and Cybersecurity Insiders’ 2019 Cloud Security Report:

  • Leading cloud vulnerabilities include unauthorized cloud access (42%), insecure interfaces (42%), misconfiguration of the cloud platform (40%), and account hijacking (39%).
  • Those responsible for cybersecurity have difficulty acquiring visibility into cloud infrastructure security and compliance (67%).
  • Outdated cybersecurity solutions don’t integrate with the cloud – 66% of respondents said their traditional security solutions either don’t work at all, or only provide limited functionality in cloud environments.

The bottom line is that if the cloud makes it easier for you and your staff to access your organization’s data, it can potentially make it easier for cybercriminals to do so as well.

The Internet Of Things

The respondents to Radware’s survey shared a range of concerns about the Internet Of Things (IoT):

  • Malware propagation (44%)
  • Lack of visibility (20%)
  • Denial of service (20%)

A popular new arena for technology, it’s estimated that there will be 64 billion IoT devices worldwide by 2025. IoT is a natural evolution of the Internet, consisting of a myriad of new “smart” and “connected” products and technologies for the commercial, consumer, and government environments.

As a so-far unregulated aspect of the IT world, IoT devices have been developed with minimal or nonexistent security features, despite the fact that they often connect over networks to sensitive data.

Are You Protecting Your Data?

As the most dangerous and most common consequence of cybercrime, data loss remains a top concern for all businesses. 30% of respondents to Radware’s survey reported data lost as the result of a breach as a primary concern.

That’s why you need to take action now in order to protect your data from nation-state cyber attacks in the future:

Make An Inventory Of Your Data Assets

You have to start from a place of understanding. Begin by taking stock of your data – what it is, where it is stored, etc. With that information, you can then move forward in protecting it.

You also have to consider the worst-case scenario. What would it mean to you if you lost your data right now? Do you have a backup plan? Do you have redundancies and contingencies in place?

Back Up Your Data

Do you have a data backup policy in place?

If not, then you’re vulnerable, right now, to ransomware. If you have a data backup solution, then it doesn’t matter if your data has been encrypted by ransomware. You can just replace it with your backup, simple as that.

That’s why you should make a considerable investment in a comprehensive backup and data recovery solution so that you can restore your data at a moment’s notice when necessary.

Be sure to:

  • Back up data on a regular basis (at least daily).
  • Inspect your backups to verify that they maintain their integrity.
  • Secure your backups and keep them independent from the networks and computers they are backing up.
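
The checks in the list above can be automated. The following Python sketch is an added example, not part of the original article: it records a SHA-256 manifest when a backup is taken, then later reports files that are missing or altered and flags a backup older than the daily target. The function names, manifest format and sample file names are assumptions chosen for illustration.

```python
import hashlib
import tempfile
import time
from pathlib import Path

def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so large backups are not loaded into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def write_manifest(backup_dir, manifest_path):
    """At backup time, record one 'digest  relative/path' line per file."""
    root = Path(backup_dir)
    lines = [f"{sha256_file(p)}  {p.relative_to(root).as_posix()}"
             for p in sorted(root.rglob("*")) if p.is_file()]
    Path(manifest_path).write_text("\n".join(lines) + "\n")

def verify_backup(backup_dir, manifest_path, max_age_hours=24, now=None):
    """Compare the backup against its manifest and check that it is recent."""
    root = Path(backup_dir)
    expected = {}
    for line in Path(manifest_path).read_text().splitlines():
        digest, _, rel = line.partition("  ")
        expected[rel] = digest
    missing = sorted(r for r in expected if not (root / r).is_file())
    modified = sorted(r for r in expected if r not in missing
                      and sha256_file(root / r) != expected[r])
    age_h = ((now or time.time()) - Path(manifest_path).stat().st_mtime) / 3600
    stale = age_h > max_age_hours  # newest backup is older than the daily target
    return {"missing": missing, "modified": modified, "stale": stale,
            "ok": not (missing or modified or stale)}

def demo():
    """Constructed sample: a two-file backup, then one file is overwritten."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = Path(tmp, "backup")
        backup.mkdir()
        (backup / "customers.csv").write_text("id,name\n1,Example\n")
        (backup / "ledger.db").write_bytes(b"\x00" * 4096)
        manifest = Path(tmp, "manifest.sha256")  # kept outside the backup set
        write_manifest(backup, manifest)
        clean = verify_backup(backup, manifest)
        (backup / "ledger.db").write_bytes(b"\xff" * 4096)  # constructed corruption
        damaged = verify_backup(backup, manifest)
        old = verify_backup(backup, manifest, now=time.time() + 48 * 3600)
        return clean, damaged, old
```

Storing the manifest on a system separate from the backup itself matters: a manifest that sits beside the files it describes can be rewritten along with them.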

Make Sure Your Staff Is Secure

A comprehensive cybersecurity training program will teach your staff how to handle a range of potential situations:

  • How to identify and address suspicious emails, phishing attempts, social engineering tactics, and more.
  • How to use business technology without exposing data and other assets to external threats by accident.
  • How to respond when you suspect that an attack is occurring or has occurred.

Monitor For Intrusions

Security information and event management (SIEM) technology is a secure cloud service that provides 24/7 security and operation monitoring to oversee a given practice’s security needs. A SIEM solution offers a monitoring service, with adaptive threat protection that identifies active cyberattacks and takes action in real-time to protect your practice.

By integrating intelligence from global threat monitoring feeds, this solution responds to network-based zero-day exploit attempts, drive-by downloads, and advanced malware that routinely bypass conventional firewall and antivirus technologies.

This works in concert with a Security Operations Center (SOC): a team of people employing a range of proven processes and using carefully implemented technologies (such as SIEM), which are often centralized. They gather and analyze user reports and a range of data sources, such as logs, from information systems and cybersecurity controls.

Typically, the main point of a SOC in the healthcare setting is to identify, address and eliminate cybersecurity events that could negatively impact an organization’s information systems or data.

Is Your Organization’s Cybersecurity Effectively Managed?

BlueHat Cyber offers comprehensive cybersecurity services, including SOC, SIEM, and more to help you properly protect your organization against modern cyber threats, including nation-state attacks.
