
Nation-State Security: Private Sector Necessity

Attackers With the Backing and Sophistication of Nation-States Are Increasingly Targeting Commercial Entities

There is no one-size-fits-all mold for attackers in the security space. We can – and should – do our best to stay informed regarding the latest threat assessments, industry trends, and breach disclosures. While threats facing private industry and government may once have looked distinctly different, the line separating attackers pursuing these two arenas is now so blurred that it’s often hard to distinguish one from another. Nation-state attackers who once could be identified by a combination of targets, motivations, and tactics no longer fit cleanly into a specific box. Attackers with the backing and sophistication of nation-states are now targeting commercial entities for reasons ranging from financial gains to cultivating economic, social, and political disruption.

U.S. Director of National Intelligence Daniel Coats highlighted the uncertainty associated with these increasing threat actors in his 2018 Worldwide Threat Assessment:

“The potential for surprise in the cyber realm will increase in the next year and beyond as billions more digital devices are connected—with relatively little built-in security—and both nation states and malign actors become more emboldened and better equipped in the use of increasingly widespread cyber toolkits.”

Attack vectors that were once reserved for highly sophisticated nation-state actors seeking diplomatic or military intelligence have now become pervasive in the commercial world. It’s now reached an undeniable scope and scale with far-reaching consequences. Nation-state security is now a private sector necessity and enterprises must be informed and prepared to face these threats.

Recently, the National Counterintelligence and Security Center initiated an awareness campaign called “Know the Risk, Raise your Shield” to warn U.S. companies of the importance of defending against nation-state attacks. The communications cite increasing attacks on government and corporate systems by groups, including Chinese, Russian, and Iranian intelligence, looking to steal databases and trade secrets. “The attacks are persistent, aggressive, and cost our nation jobs, economic advantage, and hundreds of billions of dollars,” said NCSC Director William Evanina. The effort specifically warns against the attacks on corporate supply chains, spear-phishing emails, and social media deception as possible network entry points.

The worst thing we can do is underestimate an attacker. Risk assessments and breach investigations are incredibly important in the ongoing battle to stay ahead of attackers, but the information we gather after a breach event occurs can only do so much to prevent the attack on the horizon. As great as security practitioners are, they don’t have crystal balls. At the end of the day, we’re left combating an enemy we can’t fully define and we’ve reached the point where the only safe assumption is preparing as though all attackers attempting to infiltrate your network will be armed with a nation-state level of sophistication. We continue to see a surge in the number of organizations embracing the Zero Trust security model, a concept centered on the assumption that every environment is untrusted, no matter if it’s inside or outside an organization’s perimeters.

When considering nation-state attackers, there are a number of ways to begin ensuring your organization is battle-ready: 

Know your data assets: Data and IP-rich businesses are prime targets for state actors using sophisticated techniques. These attackers often focus on an organization’s Crown Jewel data, the information that holds the most value because of its significance and/or potential for disruption. Organizations need to identify assets that fall into this category and recognize that they require an extra level of protection.   

Think like an attacker: Identify your most vulnerable attack vectors and have specific response plans in place. Conducting regular risk assessments and red-team operations is a great way to uncover potential weaknesses in your overall security posture. Such evaluations must be performed regularly – vulnerabilities develop at the speed of innovation. 

Evaluate your arsenal: Are there holes in your defenses? Ensure the products you use adhere to industry standards, evaluate your third-party touch points, and understand your best tools to combat specific threats. Standards and best practices are some of the most relevant tools we have to evaluate the effectiveness of a given technical solution. While the innovative leadership role of the private sector is undeniable, the reality is that the government and nonprofit groups issuing these recommendations have been in the battle for longer than most of the solutioning companies have been in existence. It doesn’t mean that they know everything – or share everything they know – but it is certainly worth heeding the guidance they provide.  

Continue to update and evolve: Unfortunately, an effective security strategy is a moving target. Attackers are constantly discovering new tactics and targets and so our protection strategy must be elastic as well. Sometimes this means patching and implementing incremental improvements; sometimes it means flipping the whole strategy on its head. The most dangerous security foe is often complacency. 

By recognizing the pervasiveness of nation-state attackers in the commercial market, identifying vulnerable attack surfaces, and committing to the necessary groundwork required to prepare your systems, security teams can ensure their company is ready to defend against these sophisticated attackers.  
