30 Mar 86% of cybersecurity pros surveyed believe they’ve been targeted by a nation-state
A survey from cybersecurity company Trellix has found that more than three quarters (86%) of cybersecurity professionals believe they have been targeted by nation-state threats.
The report highlighted that professionals felt they needed increased government support to fight cyber attacks; 9 in 10 respondents think the government should do more to support organisations and protect critical infrastructure against state-backed cyberattacks.
The report comes from cybersecurity company Trellix alongside the Center for Strategic and International Studies (CSIS), who together have released a global report; In the Crosshairs: Organizations and Nation-State Cyber Threats. The report, written by CSIS and based on research conducted by Vanson Bourne, surveyed 800 IT decisions makers from a variety of industries.
The report examines security professionals’ mindsets towards nation-state actors, the extent they are being targeted, how nation state actors differ from other cyber criminals and how they view the role of government in responding to attacks. The report found Russia and China among the most likely suspects of being behind successful cyberattacks resulting in data loss, service disruption, and industrial espionage, which led to significant costs to the organisations attacked.
Bryan Palma, CEO of Trellix, said: “As geopolitical tensions rise, the likelihood of nation-state cyberattacks rises as well. Cybersecurity talent shortages, outdated IT infrastructure, and remote work are the greatest challenges in today’s operating environment. Organisations must improve their automation, remediation, and resiliency capabilities to defend against increasingly sophisticated attacks.”
The report found that 92% of respondents have faced or suspect they have faced a nation-state backed cyberattack in the last 18 months or expect to face one in the future. The report also found most organisations struggle to confidently and accurately determine if a cyberattack is linked to a nation-state given technical challenges and the efforts hackers go to hide their identity. Unlike cyber criminals, nation-state actors focus on conducting intelligence operations to gain intellectual property and data to serve an economic or military goal, while also leaving backdoors in organisation infrastructure for re-entry.
The risk to organisations is significant, with the average nation-state-backed cyberattack costing an estimated $1.6 million per incident. Yet the report finds 10 percent of organisations surveyed do not have a cybersecurity strategy in place.
Whilst access to consumer data was the motive for nearly half of reported state-backed incidents, only 33% of organisations reported reaching out to their customers to disclose the incident. The respondents view personally identifiable information (PII) related to either their customers or employees—as one of the main factors they would be targeted (46% and 40% respectively). As organisations prepare their cybersecurity strategies, risks to reputation and trust are at stake. Transparency with end customers should be considered in addition to ensuring direct communication with cybersecurity vendors, partners and government agencies.
The report also found 92% of respondents were willing to share information about an attack, but not always the full details. Overall, organisations are looking to the government for guidance into how they can protect themselves while being hindered by a lack of breach disclosures. 90 percent of respondents think the government should do more to support and protect critical infrastructure from cyberattacks.
James Lewis, senior vice president and director for Strategic Technologies Program for CSIS, said: “Nation-states and their criminal proxies are some of the most dangerous cyber attackers because they are capable, best resourced and extremely persistent.
“It’s not surprising that nation states, particularly China and Russia, are behind many of the cyber-attacks organisations experience; what is surprising is that 86% of respondents in this survey believe they have been targeted by a group acting on behalf of a nation-state, and only 27% are completely confident in their organisation’s ability to recognise such an attack in contrast to other cyberattacks.”