Many businesses are fighting nation-state-sponsored cybercriminals as authorities across the globe invade their systems to steal data or establish a base for potential attacks in the future.
According to officials, nation-state cybercriminals recently targeted a vital port in the U.S. In August 2021, the Port of Houston, a significant infrastructure near the Gulf Coast. The officials released a statement reporting they had fought against a potential cyberattack. No systems or operational data were affected.
A recent study by University of Surrey criminologists and H.P. researchers showed a significant increase in nation-state cyberattacks in the last few years. The study further shows that businesses and enterprises are highly targeted. An assessment of nation-state hacks between 2017 to 2021 shows that more than a third of targeted organizations were businesses, media, cyber defense, crucial infrastructure, and government. However, enterprises are today leading the list.
According to the study, as mentioned earlier, regardless of the size or industry, businesses are now facing nation-state-based risks from traditional hackers. During a recently held Senate board hearing, Jen Easterly, agency security director of infrastructure and cybersecurity, revealed that the Port of Houston was targeted for an attack. Jen said she was confident a nation-state agent was responsible for the attack without mentioning which one.
“We are collaborating with intelligence agents and our interagency associates to determine the threat initiator. Doing so will enable us to safeguard our systems and hold them accountable.” Jen said.
Ohio senator Rob Portman said the attack was worrying, mentioning the U.S. had to campaign against the nation-state agents who focused on probing and committing crimes against entities both in the private and public sector.
The cyberattacks involved ADSelfService ManageEngine Plus, a password administration program. The U.S. Coast Guard, FBI, and Easterly’s agency released a collective advisory recently stating that the software vulnerability posed a severe danger to defense contractors and infrastructure companies. The key objective of these hacks is to acquire business intelligence or intellectual property with pharmaceutical institutions and technology firms at higher risk.
Previous years’ events have escalated risks because nation-states have been running campaigns to facilitate COVID-19 vaccine research. Further, many people are now working from home, where they may lack sufficient cybersecurity elements. As a result, they are at more risk of phishing and other cyber-attacks.
According to the senior criminology lecturer at the University of Surrey, Dr. Mike McGuire, nation-states strive to achieve critical cyber advantage to reinforce their military strength via theft, disruption, espionage, intelligence collection capabilities, and national interests.
Efforts to acquire IP information on vaccines and hacks facing software supply groups show the limit that nation-states are ready to surpass to fulfill their key objectives. Cybercriminals are also prepared to adopt techniques that could endanger many companies to target just a few.
Ian Pratt, the H.P. Inc. international chief of personal systems security says; hackers are ready to compromise numerous businesses and networks, creating massive collateral damage even though the attackers target smaller companies.
To safeguard networks against hackers, experts say institutions strive to segment networks and secure endpoints, ensuring that sensitive data is not in easily accessible areas should hackers invade the network. Organizations should also administer security patches regularly to protect them against common vulnerabilities.
As nation-state hacks become more complex, organizations should consider investing in robust security that allows them to be ahead of emerging threats. Cybersecurity is fast becoming a critical subject in the Biden administration. A disastrous series of hacks has endangered delicate government documents, sometimes forcing schools, hospitals, and energy companies to close down.
The espionage SolarWinds campaign that the U.S. officials blamed on Russian cyberattackers disclosed that; approximately 80% of accounts in the attorney’s offices in New York, U.S. and various other departments were highly affected. In June 2021, the A.P. (Associated Press) reported that potential Chinese state cybercriminals had targeted the biggest water agency in the country and Verizon, a telecommunications giant.
Source : HackerCombat