IT execs fear trickle-down of Nation State attack tools will hurt business
IT executives fear the trickle-down of Nation State tools and techniques will hurt their business, according to a new survey.
HP Wolf Security released the findings of a global survey of 1,100 IT decision makers examining their concerns around rising Nation State attacks. According ton the survey, 72% of respondents said they worry that Nation State tools, techniques, and procedures could filter through to the dark net and be used to attack their business.
According to HP, such concerns are well-founded. In recent months, evidence has emerged that techniques deployed in the SolarWinds supply chain attack have already been adopted by ransomware gangs – a trend likely to continue.
“Tools developed by nation states have made their way onto the black market many times. An infamous example being the Eternal Blue exploit, which was used by the WannaCry hackers,” says Ian Pratt, global head of security, personal systems, HP Inc.
“Now, the return on investment is strong enough to enable cybercriminal gangs to increase their level of sophisticated so that they can start mimicking some of the techniques deployed by Nation States too," he says.
"The recent software supply chain attack launched against Kaseya customers by a ransomware gang is a good example of this. This is the first time I can recall a ransomware gang using a software supply chain attack in this way.”
Pratt says now that a blueprint has been created for monetising such attacks, they are likely to become more widespread.
"Previously, an Independent Software Vendor (with a modest-sized customer base that didn't supply government or large enterprise may have been unlikely to become targeted as a stepping-stone in a supply chain attack," he says.
"Now, ISVs of all types are very much in scope for attacks that will result in compromised software and services being used to attack their customers.”
Beyond the risk from cybercriminals, the survey found more than half (58%) of ITDMs are worried their business could become a direct target of a Nation State attack. A further 70% believed they could end up being “collateral damage” in a cyber war.
When discussing specific concerns relating to a Nation State cyber-attack, sabotage of IT systems or data was the main worry, shared by almost half of respondents (49%).
Other concerns included:
- Disruption to business operations (43%)
- Theft of customer data (43%)
- Impact on revenues (42%)
- Theft of sensitive company documents (42%)
Further highlighting this risk, a recently commissioned academic study by HP Wolf Security – Nation States, Cyberconflict and the Web of Profit – found that the enterprise is now the number one target for Nation State attacks.
“This is a very real threat that organisations need to take seriously," says Pratt.
"Whether defending against a cybercriminal gang using Nation State TTPs, or a Nation State itself, organisations are facing an even more determined adversary than ever before.
"Businesses of all sizes need to re-evaluate their approach to managing cyber-risk in the face of this. There is no single tool or technique that will be effective, so organisations must take a more architectural approach to security," he says.
"This means mitigation through robust security architectures that proactively shrink the attack surface, through fine-grained segmentation, principles of least privilege, and mandatory access control.”