Nation state attacks increase 100 percent in three years
A new report shows that nation state cyberattacks are becoming more frequent, varied and open, moving us closer to a point of 'advanced cyberconflict' than at any time since the inception of the internet.
The report, sponsored by HP, is based on research conducted by Dr Mike McGuire, senior lecturer in criminology at the University of Surrey and finds that there's been a 100 percent rise in 'significant' nation state incidents between 2017 and 2020.
Analysis of over 200 cybersecurity incidents associated with nation state activity since 2009 also shows the enterprise is now the most common target (35 percent), followed by cyberdefence (25 percent), media and communications (14 percent), government bodies and regulators (12 percent), and critical infrastructure (10 percent).
The research also draws on first-hand intelligence gathering from informants across the dark web and consultations with an expert panel of 50 leading practitioners in relevant fields (such as cybersecurity, intelligence, government, academia, and law enforcement). The findings paint a picture of escalation in tensions, supported by increasingly complex structures that intersect with the underground cybercrime economy.
Among the findings 64 percent of the expert panel say that 2020 presented a 'worrying' or 'very worrying' escalation in tensions, with 75 percent saying COVID-19 presented a significant opportunity for nation states to exploit.
Supply chain attacks saw a rise of 78 percent in 2019 and between 2017 and 2020 there were over 27 distinct supply chain attacks which could be associated with nation state actors. Over 40 percent of incidents analyzed involved an attack on assets that had a physical, as well as a digital, component -- for example, an attack on an energy plant -- a phenomenon labelled as 'hybridization'.
Tactics used by nation states to acquire COVID-19-related IP data appear to have been road-tested by cybercriminals, which is characteristic of the way nation states have become beneficiaries of and contributors to the 'Web of Profit' that constitutes the cybercrime economy. There is evidence too that nation states are stockpiling zero day vulnerabilities, while 10-15 percent of dark net vendor sales go to 'atypical' purchasers, or those acting on behalf of other clients, such as nation state actors.
"When we look at nation state activity through the lens of this report, it comes as no surprise that we have seen such an escalation over the past year; the writing has been on the wall for some time," says Dr McGuire. "Nation states are devoting significant time and resources to achieving strategic cyber advantage to advance their national interests, intelligence gathering capabilities, and military strength through espionage, disruption and theft. Attempts to obtain IP data on vaccines and attacks against software supply chains demonstrate the lengths to which nation states are prepared to go to achieve their strategic goals."
You can find out more and get the full report ion the HP site.