Russia’s invasion of Ukraine has increased concerns that U.S. companies and critical infrastructure could be targeted as a cyber component of the broader nation-state conflict. In fact, the U.S. government has issued warnings about the potential for an attack similar to NotPetya, a cyberattack in 2017 that targeted Ukraine but claimed victims worldwide, resulting in billions of dollars in losses.
These warnings by the U.S. government are part of a long list of nation-state cyberattack concerns. Read on to learn what a nation-state cyberattack entails, what industries are most commonly victimized and how to guard against state-sponsored attacks.
The techniques used by nation-state attackers are similar to those used by other cybercriminals. However, because these threat actors are working for a nation-state, they are likely to be better funded and can work without fear of retribution as they are unlikely to be arrested in their own countries.
While the exact motivations behind nation-state attacks vary, the purposes can include:
Nation-state attacks typically target critical infrastructures, such as energy, manufacturing, and water systems. They also often target manufacturing and other industries that are considered vital to the functioning of a nation. Industries seen as containing important trade secrets and information may also be targeted.
Nation-state Attacks by Industry
The public administration sector accounts for the greatest frequency of nation-state attacks (34%), according to Advisen data. However, nation-state attacks are quickly becoming more frequent in the private sector. Recent research found that 35% of all nation-state attacks target enterprises. Nation-state attacks are often fueled by international competition.
Therefore, organizations are frequently targeted by nation-states that are trying to gain a competitive advantage through the theft of intellectual property. Increasingly, nation-state attackers are compromising organizations through their supply chains.
In 2020, for example, Nobelium, a Russian-sponsored group of hackers was strongly believed to have committed a nation-state supply chain attack. The group allegedly slipped malicious code into SolarWinds software, which was then spread to customer systems through legitimate software updates. An estimated 18,000 customers may have had malicious code installed in their software as the result of this supply chain attack. SolarWinds spent $18 million in response costs in the first quarter following the cyberattack, although the final cost may be much greater, according to Advisen data.
Nation-state Attacks by Type
Nation-state attacks frequently come in the form of network/website disruption (47%). Network/website disruption cyberattacks are typically aimed at bringing down online services, such as company websites, which can cause major business interruption losses. For example, a cyberattack at DSW Shoe Warehouse in 2020 shut down their digital sales capability for two weeks, contributing to a $652 million decrease in sales from the prior year, according to Advisen data.
Malicious data breaches account for the second-greatest frequency of nation-state attacks (40%). Phishing, spoofing, and social-engineering attacks are less common at 7%, according to Advisen data.
Employer Loss-control Tips
Nation-state attacks are becoming wider-spread and are causing more damage than ever before. These attacks may seem daunting, but there are ways to reduce the risk of becoming a victim of such an attack. Here are some loss-control suggestions:
Conduct vendor due diligence. Complete a comprehensive security screening of a potential vendor before forming a partnership.
Isolate networks. Internal networks should be removed from the internet as much as possible. When access is needed, it should be isolated to tightly controlled, one-way paths for moving data into the network.
Share information. Sharing threat information between organizations, including law enforcement and governmental bodies, increases situational awareness and helps all parties monitor the threat landscape.
Train employees. Employee training should be ongoing and include targeted drills, clear communication, and tests to assess employees’ ability to identify and report attempted phishing attacks.
As nation-state cyberattacks increase, it’s critical for employers to take every step possible to protect their organizations. Reach out to Quantum Source Insurance Group LLC to discuss cyber loss-control strategies in greater detail.
With partnerships with over 200 insurance carriers, we can provide customized insurance programs for small, mid-size, and large companies to fit your company’s insurance needs and budget.
We understand that there is no one-size-fits-all insurance policy. Quantum Source is here to help you find what works best for YOUR business.
Whether it’s finding the right insurance for your teenager’s first car or securing the right coverage on your first home, we work with you to establish a plan that protects you financially from personal risks.
Quantum Source can assist you in navigating through tough insurance decisions, and help you maximize insurance dollars by protecting those you love the most at an affordable cost.
