While a lot of governments decry cybersecurity attacks being made against businesses, the fact remains that many of them are also complicit in the sense that they have lost control over tools they created for espionage purposes. Those tools, whether through carelessness or deliberate intent, all too often find their way into the hands of cybercriminals. A global survey of 1,100 IT decision-makers conducted by HP Wolf Security finds nearly three-quarters of respondents (72%) worry that tools, techniques, and procedures (TTPs) created by nation-states could be employed to attack their business.
The survey finds more than half of respondents (58%) are also concerned their business could become a direct target of a nation-state attack. A total of 70% said they believe their organizations could end up being “collateral damage” in a cyberwar.
The top concerns, when faced with such threats, are sabotage of IT systems or data (49%), followed by disruption to business operations (43%), theft of customer data (43%), impact on revenues (42%), and theft of sensitive company documents (42%).
A recent study, also published by HP Wolf Security in collaboration with Dr. Mike McGuire, senior lecturer in criminology at the University of Surrey, suggests those concerns are valid. It finds there was a 100% rise in ‘significant’ nation-state incidents between 2017 and 2020. An analysis of over 200 cybersecurity incidents associated with nation-state activity since 2009 shows that enterprise organizations were the most common target (35%), followed by cyberdefense (25%), media and communications (14%), government bodies and regulators (12%), and critical infrastructure (10%).
More troubling still, the report suggests that nation-states are ‘stockpiling’ zero-day vulnerabilities and that many of them are in cahoots with cybercriminals. Some nation-states are not only making money from cybercrime; it’s also become more common for nation-states to recruit cybercriminals to conduct cyberattacks, the report suggests.
Many business and IT leaders may feel powerless to do much about this activity, but money ultimately talks. Regardless of the type of government, business leaders that drive the revenue that governments tax to fund their operations need to make it clear that espionage activity sanctioned by their nation-state has become a significant threat to the global economy. Attacks against businesses in one country will only encourage others to respond in kind.
Before too long, the digital economy that is fueling most of the economic growth around the world will become imperiled. The World Bank, in recognition of that fact, just launched a Cybersecurity Multi-Donor Trust Fund that will be allocated to help low- and middle-income countries better defend their economies from cyberattacks. Funding for this initiative is being provided by Estonia, Germany, Japan, and the Netherlands.
As noble as that effort might be, however, it’s clear even the largest countries are finding it challenging to mount an effective defense. The only path forward that makes any sense is bilateral cybersecurity agreements that are based on the simple fact that most countries have more to potentially lose than they can gain from cybersecurity attacks. Nation-states that fail to enforce these agreements would then need to be treated as economic pariahs by the business community. It does no good to sign an agreement when business leaders continue to make investments in nation-states that are at the same time using technology to pilfer intellectual property. Business leaders collectively need to make it clear there will be meaningful economic consequences for both engaging and abetting cybercriminals that go well beyond a few sanctions that might be levied by one country against a small number of individuals who already know how to easily evade them.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.