Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Organizations Feel Threat of Nation-State Attacks, Survey Shows

An increasing number of companies believe they are being targeted by state-sponsored hacking groups, a new survey shows. 

An increasing number of companies believe they are being targeted by state-sponsored hacking groups, a new survey shows. 

According to Radware’s latest Global Application & Network Security Report, of 561 respondents representing a broad range of organizations worldwide, 27% said their company was hit by nation-state hackers in 2019, a 42% increase compared to 2018, when only 19% of respondents claimed they experienced such attacks. 

With the challenges of attack attribution, and the line between nation-state and criminal hackers becoming increasingly blurred, these numbers can easily be challenged. Nonetheless, the survey demonstrates that organizations of all sizes consider the threat of nation-state attacks to be serious.

Organizations in North America are more likely to report such attacks from foreign governments, at 36%, the report (PDF) found.

“Nation-state intrusions are among the most difficult attacks to thwart because the agencies responsible often have significant resources, knowledge of potential zero-day exploits, and the patience to plan and execute operations,” Anna Convery-Pelletier, Chief Marketing Officer at Radware, commented. 

While 94% of the surveyed organizations claimed that they experienced a cyber-attack over the past 12 months, one third said they were hit daily or once a week. The survey did not elaborate on the sophistication or extent of these attacks. Education (45%), retail (39%), and banking and financial services (37%) were the sectors reporting daily attacks. Again, these numbers can be questioned, as oftentimes a simple port scan or non-targeted spam/phishing email can be considered by some to be an attack.

With that said, roughly one third of the companies that experienced cyber-attacks reported that hackers were looking for financial gain or service disruption. One in five, however, revealed that the hackers were looking to steal information.

Ransom attacks were most frequent last year, registering a 16% increase over 2018 and going back to the 2017 levels. Organizations in North America revealed that ransom was the highest motivation for the attackers, at 70%.

The report also found that hacktivism is more prevalent in EMEA (38%) compared to the global average (28%) and that the APAC region registered the highest number of angry user retaliation: 30%, compared to the average of 20%. 

Malware and bots were most prevalent last year, being observed in 72% of the attacks, followed by socially engineered threats at 65%. The report revealed that 48% respondents experienced distributed denial of service (DDoS), 46% suffered web application attacks, 39% received ransom threats, 21% were hit by cryptominers, and 17% experienced API abuse. 

The report also demonstrated lack of visibility, with 38% reporting that they don’t know if an Internet of Things (IoT) botnet hit their network, and 46% couldn’t tell if they suffered an encrypted DDoS attack.

According to the survey, only 26% of the responding carriers said they felt well prepared for the deployment of fifth-generation (5G) networks, while another 32% admitted to being only somewhat prepared.

The report also shows that 30% of businesses cited data theft following an attack as being their top concern (a drop from 35% the previous year), while 23% consider service outages a top concern. 

Radware surveyed organizations of various sizes and from multiple industries, including government and civic services, banking and financial services, service providers/carriers, high-tech, and professional services. The respondents were located in North America (45%), APAC (28%), EMEA (16%), and Central/Latin America (11%).

Related: More Threat Groups Target Electric Utilities in North America

Related: Nation-State Security: Private Sector Necessity

Related: Increasing Involvement of Nation-states in Ransomware Attacks

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Nation-State

FBI says a North Korea-linked threat group known as Lazarus and APT38 is behind the $100 million Horizon bridge cryptocurrency heist.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Cyberwarfare

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.

Nation-State

A China-linked hackers are exploiting a vulnerability (CVE-2022-42475 ) in Fortinet FortiOS SSL-VPN, Mandiant claims.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...