Nation-state attacks are a mounting concern for security professionals, who reportedly expect to see a rise in cyber-attacks amid the backdrop of increasing geopolitical tensions. According to a Tripwire survey conducted at Infosecurity Europe 2018, the vast majority of respondents anticipate more nation-state attacks over the next 12 months.
Tripwire surveyed 416 conference attendees to gauge their expectations for the future, and almost all of them (93%) believe more trouble is on the way, with 83% saying they believe nation-states will expand their targets beyond government entities. The same amount of respondents believe that critical-infrastructure attacks from nation-states will rise and that attackers will intentionally cause direct harm.
“Recent threats like Triton/Trisis and Industroyer/CrashOverride have made it clear that cyberattacks can have dangerous physical impacts on critical infrastructure,” said Tim Erlin, vice president of product management and strategy at Tripwire. “Securing critical infrastructure at the industrial control system layer, where physical meets digital, is absolutely crucial.”
One issue with defending against nation-state attacks is that the threat can be a malicious insider, as was the case earlier this year when ObserveIT wrote about Chinese-born Greg Chung in a 23 March post, "Spies Among Us: The Rise of State-Sponsored Insider Threats." Chung claimed he was trying to “help the motherland” when he collected secret information to help his home country of China develop its own space program.
“Insider nation-state attacks pose one of the biggest threats to organizations,” said Mike McKee, CEO, ObserveIT. “These insiders might be trusted third-party contractors, privileged users or business employees that, for either malicious or non-malicious reasons, decide to collude with an outside nation to exfiltrate data. It has been shown that these actors are motivated by varying reasons, including financial greed, anger or revenge, ideology, patriotism, personal or family challenges, or organizational conflicts.”
Given the increased risk from nation-states, it’s not surprising that Lithuania's defense minister, Raimundas Karoblis, announced that Lithuania – along with counterparts from Croatia, Estonia, the Netherlands and Romania – are forming an new EU defense pact.
In an effort to confront what Lithuania has reportedly described as “hostile cyber activities” from Russia, the country has enhanced its own cyber capabilities. Karoblis has actively lead the EU defense pact project, which is expected to have Luxembourg, Finland, France, Poland and Spain sign on as well.