lolloj - Fotolia
Infosec pros expect increase in nation state cyber attacks
Most information security professionals expect a rise in nation state cyber attacks, with more than two-thirds preparing to defend against them
Almost all (93%) of more than 400 information security professionals polled at Infosecurity Europe 2018 in London said they think nation-state cyber attacks will increase in the next 12 months.
The prediction comes in the wake of official UK and US attribution of WannaCry to North Korea and accusations against Russia of targeting government and private network infrastructure.
Most respondents to the poll, by security firm Tripwire, said the scope of nation-state attacks is evolving in more troubling ways, with 83% saying they believe nation states will expand their targets to attack more non-government organisations in the coming year.
This chimes with the view of former GCHQ director general Robert Hannigan, who told delegates at Infosecurity Europe that cyber attacks by nation states used to be a small part of the problem for state authorities to address, but now all organisations are potential targets.
A large majority of respondents (83%) also believe that nation-state attacks on critical infrastructure will increase in the coming year, with the same proportion saying such attacks will go beyond espionage and will aim to cause direct harm.
“Recent threats like Triton/Trisis and Industroyer/CrashOverride have made it clear that cyber attacks can have dangerous physical impacts on critical infrastructure,” said Tim Erlin, vice-president of product management and strategy at Tripwire. “Securing critical infrastructure at the industrial control system layer, where physical meets digital, is absolutely crucial.”
However, the survey suggested that organisations are taking action against this rising threat, with 69% taking attack attributions into account and saying their organisations have increased efforts to defend against nation-state attacks in the past 12 months.
Read more about critical infrastructure security
- MPs see risk to critical infrastructure as top threat.
- Cyber attack warnings highlight need for critical infrastructure providers to be prepared.
- US warns of cyber attacks on critical infrastructure.
- UK critical infrastructure skipping security checks.
- Airbus helps drive critical infrastructure cyber security.
“Knowing who you are up against can be a helpful input for your defence strategy,” said Erlin. “However, attribution as a rule is tricky, and attackers can put up very sophisticated false flags to make someone else look like the attacker. Knowing your adversary can be helpful in responding to an attack, but in building a proactive defence strategy, you don’t want to get distracted by who the threat actor is versus preparing for the actual threat.”
Despite consensus that nation-state attacks will rise and evolve in nature, the survey results showed a fair amount of confidence in defending against them. When asked how prepared they felt in defending against nation-state attacks, 60% said they felt “fairly prepared” and 22% felt “very prepared”, while only 18% said they did not feel prepared.
For those feeling unprepared, Erlin said they should focus on building a strong foundation. “Make sure you understand what your attack surface is, minimise it as much as you can by hardening and managing vulnerabilities, and then monitor your environment for change,” he said.