Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
Few threats concern enterprises as much as nation-state attacks. The scale and complexity of these attacks have the potential to break through the defenses of even the most experienced security team, and as the Russia-Ukraine cyberwar continues, there are plenty of threats to go around.
A study released earlier this year found that only 27% of respondents said they have complete confidence in the ability of their organization to differentiate between nation-state cyberattacks and other threats.
Unfortunately, these attacks are only becoming more common. New research, released today by machine identity management provider, Venafi, found that 64% of security decision-makers suspect their organization has been directly targeted or impacted by a nation-state cyberattack.
Cyberwar isn’t just affecting countries and entities affiliated with Russia or Ukraine, but organizations across the globe too, as cybercriminals develop increasingly complex threats.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
The problem with nation-state attacks
As a threat, nation-state attacks are perhaps the most difficult types of attacks to defend against because they often have the financial support from their government to create unseen, novel attack techniques.
“Unfortunately, defending against nation-state cybercrime is very difficult. They’re well-funded, highly sophisticated, and capable of thinking outside the box to find new ways to attack networks, using techniques we’ve never seen before,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi.
At the outset of the Russia-Ukraine war, there was recognition that nation-state attacks would increase. A Gartner poll found that over a quarter of organizations in North America and Europe, the Middle East and Africa (EMEA) reported taking some kind of cybersecurity action in response to Russia’s invasion of Ukraine.
Many organizations attempted to structure their defenses around mitigating the tactics, techniques and procedures (TTPs) used by Russian threat actors, and bolstering incident response or threat intelligence capabilities. However, there is still more to be done to mitigate the risk of nation-state attacks.
Machine identity management as a solution
Bocek argues that organizations need to get to grips with managing machine identities if they want to address the risks of nation-state attacks.
In practice, that means identifying machine identities throughout the environment, and securely circulating digital certificates and keys, to ensure that unauthorized access cannot take place.
His reasoning is that many of these attacks are enabled by code-signing machine identities, which enterprises need to have the ability to identify and mitigate to secure their environments.
“Without the effective management of machine identities, we’ll continue to see APT groups thrive, and high-profile nation-state attacks will continue to affect businesses and governments,” Bocek said. “The automation of machine identity management can help to take this element of security out of already overstretched security teams hands.”
Bocek’s insight is in line with Forrester’s analysis, which notes that identify and access management (IAM) strategies can’t focus solely on protecting human identities alone and recommends organizations work toward maintaining continuous visibility over machine identities.