Nation state attacks, and the threat of them, appear to be evolving. The theory that these state-backed cybercriminals are focused on hacking into military or diplomatic data for competitive intelligence now needs to be broadened to other motivating factors. Nation state hackers are expanding their targets to not only government institutions, but also businesses and industrial facilities. They are using more sophisticated techniques to disrupt organizations, and their respective countries, by leaking confidential, often sensitive, information.
To proactively defend against these types of threats, the first step is to take another look at your organization from the aspect of information that would be most attractive to a nation state attacker. If your organization stores intellectual property, sensitive, personal legal or financial data [with GDPR in mind] or other consumer data, you’re ripe for a nation state threat. Certainly, consumer facing activities are a target-rich opportunity for nation state actors.
‘Keep your friends close, but your enemies closer.’ It’s a famous line from the Godfather film, and good counsel for nation state defense. Right now, do you and your team know the origin of all the critical vendors you use? Have you vetted technology acquired from companies based in nations that can pose a threat? The National Institute of Standards and Technology (NIST) is a useful resource to review for recommended restrictions on purchasing from certain suppliers or countries.
Constant vigilance and monitoring of all security processes in place is absolutely essential to defense – for nation state threats, and for all threats that can compromise your organization’s ability to do business.
From The Shadows Emerges Knowledge