Arthur’s Blog: State-sponsored cybersecurity threats.
Cyberattacks have never been more dangerous than they are today. The whole world seems to be at the peak of cyberthreat vulnerability. Just look at most recent large-scale incidents in the last few months, highlighting an unparalleled rate of effective penetration, uncovering security officials’ lack of control and visibility.
- January 2022
Several German pharmaceutical and tech companies were hacked by a Chinese hacking gang. The attack was an attempt to steal intellectual property, according to the German government.
- January 2022
Hackers breached systems belonging to the International Committee of the Red Cross, gaining access to over 500,000 users’ data.
- January 2022
A cyberattack on the Ukrainian government affected 90 websites and infected dozens of devices in government organizations with malicious software.
- September 2021
The Norwegian government claimed criminal actors funded by China were responsible for a series of cyberattacks targeting private and public IT systems. According to their investigation, the cyber criminals tried to obtain classified material about Norway’s national defense and security intelligence.
- May 2021
. A ransomware attack hit JBS, the world’s largest meat processing company, located in Brazil. Facilities in the United States, Canada, and Australia were all shut down because of the attack. The attack was attributed to REvil, a Russian speaking cybercrime group.
- May 2021
The Colonial Pipeline, the largest fuel pipeline in the United States, was hit by a ransomware attack. The pipeline was shut down and later paid a $5 million ransom.
- December 2020
The SolarWinds attack, one of the biggest cybersecurity breaches of the 21st century, was detected. The SolarWinds hack was a major security breach that affected over 3,000 SolarWinds customers, including major corporations like Cisco, Intel, Cox Communications, and Belkin. Multiple US state and government agencies, including the US Department of State and the US Department of Homeland Security, were impacted.
Advanced threats are common, and consequences are more destructive.
Hackers are taking advantage in the age of digital transformation. Being part of a globally connected web isn’t exactly a choice anymore. If you have an online presence today, you’re automatically a part of the giant network including everyone else on the web, even attackers! This is crucial for state-sponsored threat actors who plan attacks against organizations all running the same exact systems and technologies.
What’s different now?
IT reach isn’t limited to your company’s infrastructure. The whole Internet is an option now. Which is more important this perimeter is shared with all users across the globe. This means that successful breach gives attackers access to so-called “multiple supply chain layers”, including networks of third-party suppliers, partners and vendors.
Cyberattacks are turning into a powerful way to make an impact on the economy and political situation.
What’s on hackers’ radar?
All businesses regardless of scale and industry are at risk. Healthcare and pharma industries were one of the TOP targets for criminal and state-sponsored threats. In 2020, there were more big healthcare data breaches recorded than ever before! Data breaches were recorded in 2021 at two or more per day…for five months straight!
The rise of cyberattacks in the automotive industry is another newer development. As more car manufacturers implement self-driving technology the cars will become more vulnerable. There are different kinds of attacks from physical to long-range digital and now we know, a new cyber-attack method is born every time one of these new breaches of security happens in the tech space!
When it comes to automobiles, digital criminals are prioritizing access to the personal data of a car-sharing company’s customers. A single cyberattack can cost automakers $1.1 billion and car-sharing companies are the most affected of all.
What can be done to protect business in 2022?
It’s not enough to just put any security program in place to address all cyber threats…. the security program must be professional, comprehensive, and include the following:
- Knowledge about the attack surface. Because of big data, attack surfaces are larger today. You’ll need security intelligence or data analytics that provide a global vision of the attack surface and a deep understanding of all the risks.
- Ample budget. Your security team must be ready to react quickly in the event of an attack. Are you investing pre-emptively in your threat intelligence data and systems so that you are readily able to identify and combat the intrusion? Start doing it right now if you haven’t already!
- Chief information security officers (CISOs) must have an advanced incident-response function and accompanying data.
The SolarWinds breach won’t be the last large-scale supply-chain attack. It’s foreshadowing of what’s to come. So, your incident response infrastructure must be organized and tested well before you will inevitably need it. Prevention and taking early action are key to the future success of any business.