Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Organizations Feel Threat of Nation-State Attacks, Survey Shows

An increasing number of companies believe they are being targeted by state-sponsored hacking groups, a new survey shows. 

An increasing number of companies believe they are being targeted by state-sponsored hacking groups, a new survey shows. 

According to Radware’s latest Global Application & Network Security Report, of 561 respondents representing a broad range of organizations worldwide, 27% said their company was hit by nation-state hackers in 2019, a 42% increase compared to 2018, when only 19% of respondents claimed they experienced such attacks. 

With the challenges of attack attribution, and the line between nation-state and criminal hackers becoming increasingly blurred, these numbers can easily be challenged. Nonetheless, the survey demonstrates that organizations of all sizes consider the threat of nation-state attacks to be serious.

Organizations in North America are more likely to report such attacks from foreign governments, at 36%, the report (PDF) found.

“Nation-state intrusions are among the most difficult attacks to thwart because the agencies responsible often have significant resources, knowledge of potential zero-day exploits, and the patience to plan and execute operations,” Anna Convery-Pelletier, Chief Marketing Officer at Radware, commented. 

While 94% of the surveyed organizations claimed that they experienced a cyber-attack over the past 12 months, one third said they were hit daily or once a week. The survey did not elaborate on the sophistication or extent of these attacks. Education (45%), retail (39%), and banking and financial services (37%) were the sectors reporting daily attacks. Again, these numbers can be questioned, as oftentimes a simple port scan or non-targeted spam/phishing email can be considered by some to be an attack.

With that said, roughly one third of the companies that experienced cyber-attacks reported that hackers were looking for financial gain or service disruption. One in five, however, revealed that the hackers were looking to steal information.

Ransom attacks were most frequent last year, registering a 16% increase over 2018 and going back to the 2017 levels. Organizations in North America revealed that ransom was the highest motivation for the attackers, at 70%.

Advertisement. Scroll to continue reading.

The report also found that hacktivism is more prevalent in EMEA (38%) compared to the global average (28%) and that the APAC region registered the highest number of angry user retaliation: 30%, compared to the average of 20%. 

Malware and bots were most prevalent last year, being observed in 72% of the attacks, followed by socially engineered threats at 65%. The report revealed that 48% respondents experienced distributed denial of service (DDoS), 46% suffered web application attacks, 39% received ransom threats, 21% were hit by cryptominers, and 17% experienced API abuse. 

The report also demonstrated lack of visibility, with 38% reporting that they don’t know if an Internet of Things (IoT) botnet hit their network, and 46% couldn’t tell if they suffered an encrypted DDoS attack.

According to the survey, only 26% of the responding carriers said they felt well prepared for the deployment of fifth-generation (5G) networks, while another 32% admitted to being only somewhat prepared.

The report also shows that 30% of businesses cited data theft following an attack as being their top concern (a drop from 35% the previous year), while 23% consider service outages a top concern. 

Radware surveyed organizations of various sizes and from multiple industries, including government and civic services, banking and financial services, service providers/carriers, high-tech, and professional services. The respondents were located in North America (45%), APAC (28%), EMEA (16%), and Central/Latin America (11%).

Related: More Threat Groups Target Electric Utilities in North America

Related: Nation-State Security: Private Sector Necessity

Related: Increasing Involvement of Nation-states in Ransomware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.