Throughout the US election season, the media was focused on nation-state cyberattacks and the possibility of those threat actors affecting the outcome of the US elections. But that’s not the worst threat that we’re facing from nation-state cybercriminals. What often gets glossed over in the general media is the less visible side of this threat. As shadowy cybercrime gangs step up their efforts, even interfering in COVID-19 vaccine research, nation-state cyberattacks are emerging as a threat to businesses, a fact that needs to be a part of every company’s risk calculus in 2020.
Every Industry Is At Risk
In the past, nation-state hackers were a more distant concept for average businesses. While they’ve always been a national security concern and a possible threat to infrastructure on a national level, less publically-directed companies, and local governments were unlikely to ever have to deal with nation-state hackers interfering in their operations. Quasi-government sponsored groups like Russian intelligence-adjacent APT 29 have been responsible for attacks against government agencies around the world but generally steered clear of businesses.
But that all changed in 2020, and now nation-state hacking is everyone’s problem. State-sponsored or state-adjacent cybercrime gangs with origins in Russia, Iran, China, North Korea, and other countries that are active in the espionage game have been expanding their efforts to include targets that directly impact our everyday lives. These bad actors have been responsible for everything from industrial sabotage to infrastructure interference in 2020, including a recent spate of ransomware attacks from nation-state actors on healthcare targets.
10 Facts You Need To Learn About Nation-State Cyberattacks In 2020 And Beyond
Nation-state cybercrime gangs are especially problematic for businesses because they’re not just your average hackers. These threat actors are sophisticated, practiced, and innovative, with deep playbooks and access to cutting-edge technology to facilitate their attacks – and they’ve got their fingers in every pie. Keep these facts in mind as you explore the danger that nation-state hackers could pose to your business:
- Over 90% of security alerts released by Microsoft about nation-state cyberattacks in 2020 warned of danger against non-governmental or infrastructure targets.
- Just over 60% of nation-state activity zeroed in on IT organizations.
- The next most common targets were commercial facilities, critical manufacturing, financial services, and the defense industrial base.
- Over a dozen hostile states are actively involved in launching these cyberattacks.
- Ransomware is the most commonly used tool of nation-state cybercriminals.
- The first half of 2020 saw 41,000 intrusions, a higher figure than the 35,000 detected during all of 2019, according to researchers
- Interpol detected about 907,000 spam messages, 737 malware-related incidents, and 48,000 malicious URLs featuring COVID-19 honeypots traced to nation-state hacking groups.
- 52% of nation-state hacking incidents between July 2019 and June 2020 related to Russian hackers, with 25% traced to Iran, 12% to China, and the rest tied to North Korea and other smaller players.
- 25% of data breaches in the last 12 months have been tied to espionage.
- 36% of companies in North America reported nation-state threats in 2020
Damaging Businesses and Services is the Name of the Game
Data theft is typically the purpose behind cybercrime, but that’s not the only goal of these threat actors , or even the most common. Instead of just snatching data, nation-state hackers like to take it a step further, using tools like ransomware and other malware to shut down manufacturing, interfere with logistics, and disrupt important research.
The idea that disrupting production, transportation, and services is an effective attack tactic has been used in conventional warfare for years, but the ability to do that without leaving the house is a newer concept that calls for increased vigilance and increased protection for every business.
Enlist Your Employees Into Your Efforts To Watch For Trouble
Ransomware is the preferred tool for nation-state cybercrime gangs making phishing even more dangerous. Protecting your business against today’s biggest threat starts with increasing your security awareness training, especially phishing resistance.
Don’t Tempt Fate and Wait Until It’s Too Late
In today’s tumultuous world and a correspondingly rapidly evolving threat landscape, every business needs to be prepared for the possibility of cyberattacks from nation-state cybercrime gangs. Contact us to schedule a 15 minute consultation with one of our Senior Technology Consultants. Be sure to visit www.optistartech.com/sat/ before December 31st, 2020, and sign up for a FREE 45-Day Security Awareness Training Trial for your employees so they can help protect your business.
— ID Agent