A Venafi survey shows: over 60 percent of companies suspect that they have been the target of nation-state attacks or are affected by them. According to the current study, two-thirds of companies have changed their cyber strategy in response to the war in Ukraine.
Venafi, the inventor and leading provider of machine identity management, publishes the results of a recent study examining the impact of attacks by actors on behalf of nation states and recent geopolitical changes on IT security. The survey of more than 1.100 security decision makers worldwide (of which 201 in DACH) found that 66 percent (69% in DACH) of companies have changed their cyber security strategy in direct response to the conflict between Russia and Ukraine. Almost two thirds (64% worldwide as well as in DACH) assume that their company is either directly affected by a cyber attack by a nation state or was affected by it.
Other important results of the study
- 77 percent (76% in DACH) believe the world is in a constant state of cyberwar.
- 82 percent (80% in DACH) believe that geopolitics and cybersecurity are inextricably linked.
- More than two-thirds, 68% (77% in DACH), have had more conversations with their board and senior management in response to the conflict between Russia and Ukraine.
- 63 percent (71% in DACH) doubt they would ever know if their company had been hacked on behalf of a nation state.
- 64 percent (67% in DACH) believe that the threat of a physical war in their country is (still?) more worrying than a cyber war.
"Cybersecurity has always been intertwined with international politics, but the data shows that this fact has a direct impact on security strategy," said Kevin Bocek, vice president, security strategy and threat intelligence at Venafi. “We have known for years that state-backed APT groups use cybercrime to advance their countries' broader political and economic goals. Recent attacks, such as the one that killed SolarWinds, as well as recent geopolitical shifts, have made it abundantly clear that frequent assessment of the risks associated with nation-state attacks should be part of every organization's IT security strategy.”
Nation-state cyber attacks are increasing
Research into the methods of nation-state threat actors shows that the use of machine identities in state-sponsored cyberattacks is increasing. The digital certificates and cryptographic keys that serve as machine identities are the foundations of security for all secure digital transactions. Machine identities are used by everything from physical devices to software to containers to authenticate and communicate securely.
Further investigation has also revealed that Chinese APT groups engage in cyber espionage to advance China's international intelligence services, while North Korean groups channel the proceeds of cybercrime directly into the country's weapons programs. The SolarWinds attack, which compromised thousands of companies by exploiting machine identities to create backdoors and gain trusted access to critical assets, is a prime example of these observations. The recent Russian attack HermeticWiper, which penetrated numerous Ukrainian facilities just days before the Russian invasion of Ukraine, used code signing to authenticate malware. This is another example of machine identity abuse.
Cyber espionage by APT groups
“Attacks by nation states are very sophisticated and often use techniques that were previously unknown. That makes them extremely difficult to fend off,” Bocek continues. “As machine identities are routinely used as part of the attack chain in government attacks, every organization needs to increase their efforts in managing these critical security assets. Exploiting machine identities is becoming the modus operandi for many national threat actors.”
About the poll
The Venafi study, conducted by Sapio in July 2022, examined the opinions of 1.101 security decision makers in the United States, United Kingdom, France, Germany, the Benelux countries (Belgium, Netherlands, Luxembourg) and Australia.
More at Venafi.com
About Venafi
Venafi is the cybersecurity leader in identity management for machines. From on-premises to the cloud, Venafi solutions manage and protect identities for all types of machines - from physical and IoT devices to software applications, APIs and containers. Venafi provides global visibility, lifecycle automation, and actionable intelligence for all types of machine identities and their associated security and reliability risks.