Two-thirds of attributable cyber attacks now come from state-backed attackers, lending weight to warnings from national security agencies about the scale of the threats faced by enterprises and public services alike.
Analysis from Netskope shows a marked escalation in state-sponsored attacks in recent years, with the company warning this trend shows no sign of slowing down.
Sanjay Beri, CEO and co-founder of Netskope, said cyber attacks waged by nation state actors now represent a form of ‘quiet war’.
"Under the surface of this worldwide escalation is a varied picture of different states pursuing widely divergent cyber attack strategies,” he said.
While attention has largely focused on the risks from Russia, China and Iran, data from Netskope indicates that North Korea is currently the world's biggest offender in terms of the number of victims.
It's been targeting victims en-masse through cyber crime and cryptocurrency theft, with the goal of stealing money to fund its military.
China and Russia, meanwhile, account for the second and third greatest number of attacks. Unlike North Korea, however, their goal is to disrupt and damage highly targeted pieces of critical national infrastructure, leading to a smaller number of higher impact, more targeted attacks.
Examples include the targeting of NHS England and the Electoral Commission, both of which were highly disruptive.
"The difference between North Korea’s cyber ‘carpet bombing’ and Russia’s ‘precision strikes’ means that if you’ve fallen victim to an online phishing attack, it’s unlikely that Russian government-backed actors were the cause," said Beri.
"If, however, a critical piece of national infrastructure is down, then it’s more likely that they are. Understanding these nuances is critical for businesses and individuals operating in today’s connected world - because the first and most important step in putting in place the best cyber defense strategy is understanding who is targeting you, what their goals are, and how they’re trying to achieve them."
State sponsored cyber attacks are wreaking havoc
Earlier this summer, the UK’s National Cyber Security Centre (NCSC), along with US and South Korean authorities, warned that a North Korea-linked threat group known as Andariel was compromising organizations around the world to steal sensitive and classified technical information and intellectual property data.
RELATED WHITEPAPER
While it mainly targeted defense, aerospace, nuclear, and engineering entities, it also hit organizations in the medical and energy sectors to a lesser extent, stealing information such as contract specification, design drawings, and project details.
In March this year, the UK government warned that the Chinese state-sponsored attacks on parliamentarians and on the Electoral Commission would not be tolerated.
This particular incident prompted the government to summon the Chinese Ambassador and sanction a front company and two individuals identified as members of the APT31 hacking group.
Similarly, late last year, Russian-backed threat actors were thrust into the spotlight after the NCSC exposed a campaign by Russian Intelligence Services to interfere in UK politics and democratic processes.
More from ITPro
- The Iran cyber threat: Breaking down attack tactics
- State-sponsored cyber attacks: The new frontier
- What threat do nation state hackers pose to businesses?
-
Cisco takes aim at AI security at RSAC with ServiceNow partnershipNews The companies claim Cisco AI Defense and ServiceNow SecOps will help address new challenges raised by AI
-
Why veterans can excel in data centers – and could help the IT sector address its skill shortagesIn-depth Ex-military workers can bring software and hardware to civilian roles
-
Five Eyes cyber agencies issue guidance on edge device vulnerabilitiesNews Cybersecurity agencies including the NCSC and CISA have issued fresh guidance on edge device security.
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
Modern enterprise cybersecuritywhitepaper Cultivating resilience with reduced detection and response times
-
IDC InfoBrief: How CIOs can achieve the promised benefits of sustainabilitywhitepaper CIOs are facing two conflicting strategic imperatives
-
The NCSC and FBI just issued a major alert over a state-backed hacker group – here’s what you need to knowNews State-affiliated attackers are targeting individuals via spear-phishing techniques, according to the NCSC
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
The NCSC wants to know how your business is using honeypots to combat hackersNews The NCSC hopes to encourage the use of cyber deception techniques within the UK, across government and critical national infrastructure
-
NCSC Active Cyber Defence 2.0 refresh looks to tailor services to the security market and threat landscape
News The NCSC plans to update its Active Cyber Defence program, introducing a refresh to keep the initiative up to date with the current threat landscape
