Powered by MOMENTUM MEDIA
cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Trellix and CSIS: Increased government support required to stop nation-state cyber actors

Trellix and the Center for Strategic and International Studies (CSIS) released a global report, In the Crosshairs: Organisations and Nation-State Cyber Threats, examining security professionals’ mindsets towards nation-state actors, the extent they are being targeted, how nation-state actors differ from other cyber criminals and how they view the role of government in responding to attacks.

user iconReporter
Mon, 28 Mar 2022
Trellix and CSIS: Increased government support required to stop nation-state cyber actors
expand image

The report found Russia and China among the most likely suspects of being behind successful cyber attacks resulting in data loss, service disruption and industrial espionage, which led to significant costs to the organisations attacked.

As geopolitical tensions rise, the likelihood of nation-state cyber attacks rises as well, according to Bryan Palma, CEO of Trellix.

“Cyber security talent shortages, outdated IT infrastructure and remote work are the greatest challenges in today’s operating environment.

“Organisations must improve their automation, remediation and resiliency capabilities to defend against increasingly sophisticated attacks,” Palma said.

The report, written by CSIS and based on research conducted by Vanson Bourne, surveyed 800 IT decisions makers in Australia, France, Germany, India, Japan, the United Kingdom and the United States, from a variety of industries. It highlights the volume and severity of nation-state cyber attacks as substantial problems for the international community and organisations are looking to governments to help solve.

As well as the threat landscape and the need for private/public partnerships, the report has found that 92 per cent of respondents have faced or suspect they have faced a nation-state backed cyber attack in the last 18 months or expect to face one in the future.

The report also finds most organisations struggle to confidently and accurately determine if a cyber attack is linked to a nation-state given technical challenges and the efforts hackers go to hide their identity. Unlike cyber criminals, nation-state actors focus on conducting intelligence operations to gain intellectual property and data to serve an economic or military goal, while also leaving backdoors in organisation infrastructure for re-entry.

The risk to organisations is significant, with the average nation-state-backed cyber attack costing an estimated $1.6 million per incident. Yet the report finds 10 percent of organisations surveyed do not have a cyber security strategy.

While access to consumer data was the motive for nearly half of reported state-backed incidents, only 33 per cent of organisations reported reaching out to their customers to disclose the incident. The respondents view personally identifiable information (PII) related to either their customers or employees – as one of the main factors they would be targeted (46 per cent and 40 per cent, respectively). As organisations prepare their cyber security strategies, risks to reputation and trust are at stake. Transparency with end customers is key and should be considered in addition to ensuring direct communication with cyber security vendors, partners and government agencies.

The report found 92 per cent of respondents were willing to share information about an attack, but not always the full details. Overall, organisations are looking to the government for guidance into how they can protect themselves while being hindered by a lack of breach disclosures. About 90 per cent of respondents think the government should do more to support and protect critical infrastructure from cyber attacks.

In the US, programs like the Cyber Safety Review Board, CISA’s Shield Up and the White House’s new Office of the National Cyber Director are examples of programs governments worldwide should continue to develop to help protect critical infrastructure.

Nation-states and their criminal proxies are some of the most dangerous cyber attackers because they are capable, best resourced and extremely persistent, according to James Lewis, senior vice-president and director, strategic technologies program for CSIS.

Its not surprising that nation states, particularly China and Russia, are behind many of the cyber attacks organisations experience; what is surprising is that 86 per cent of respondents in this survey believe they have been targeted by a group acting on behalf of a nation-state, and only 27 per cent are completely confident in their organisations ability to recognise such an attack in contrast to other cyber attacks, Lewis said.

[Related: PM officially opens sovereign IC3 East facility]

cd intro podcast

Introducing Cyber Daily, the new name for Cyber Security Connect

Click here to learn all about it
newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.