Home » Cybersecurity » Nation State Attacks and How to Protect Your Business

Nation State Attacks and How to Protect Your Business
Russia's invasion of Ukraine has increased concerns that U.S. companies of all sizes and critical infrastructure could be at risk of cyber attacks as part of the broader nation-state conflict.

Home » Cybersecurity » Nation State Attacks and How to Protect Your Business

Nation State Attacks and How to Protect Your Business

Russia's invasion of Ukraine has increased concerns that U.S. companies of all sizes and critical infrastructure could be at risk of cyber attacks as part of the broader nation-state conflict.

The head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Jen Easterly, recently tweeted, “While there are no specific threats to the [United States] at this time, all organizations must be prepared for cyberattacks, whether targeted or not.” 

The United States government has also issued warnings about the potential for an attack similar to NotPetya, a cyberattack in 2017 that targeted Ukraine but claimed victims worldwide, resulting in billions of dollars in losses. While the cyberattacks currently appear to be focused on Ukraine, the United States, its allies, and the businesses within them should be prepared for retaliatory attacks over severe economic sanctions announced by President Joe Biden following the invasion.

Escalating Threats To Your Business

Ukrainian government entities, financial institutions, and other key organizations faced website defacements, distributed denial-of-service (DDoS) attacks, and destructive malware in the weeks leading up to the invasion on February 24th. On February 23rd, researchers at Symantec and ESET discovered a new wiper malware named “HermeticWiper,” used against Ukraine. 

Symantec warned that with an invasion underway, there remains a high likelihood of further cyberattacks against Ukraine and other countries in the region. And the availability of this new wiper malware will likely create opportunities for other cybercriminals to begin random attacks on organizations that are not associated with the invasion of Ukraine – elevating the risk further. 

Cybersecurity experts and the United States government continue to monitor the ongoing threats and have warned that businesses and organizations should take immediate precautions to secure their organizations.

The Nature of Nation-state Cyberattacks

The techniques used by nation-state attackers are similar to those used by other cybercriminals. However, because these bad actors are working for a nation-state, they are likely to be well funded and able to work without fear of retribution from their own countries – potentially making them more dangerous. 

Motivations behind nation-state attacks vary widely, common goals of the attacks include:

  • stealing secret information
  • seeking financial gain
  • exacting retaliation
  • extorting ransoms
  • meddling in elections
  • negotiating leverage
  • preparing for war

One of the most frequent targets for nation-state attacks is the public sector (34%), according to Advisen data. But attacks on private sector companies are quickly increasing.  Recent research found that 35% of all nation-state attacks target enterprises and are often fueled by international competition to steal intellectual property.  

Nation-state Attacks by Industry

  • Public Administration 34% 34%
  • Information 17% 17%
  • Manufacturing 12% 12%
  • Health Care 12% 12%
  • Other Services 7% 7%
  • Professional, Scientific, & Technical Services 7% 7%
  • Finance & Insurance 6% 6%
  • Admin, Support, Waste Management & Remediation 5% 5%

Nation-state attacks often (47%) focus on disrupting networks and websites to bring down online services such as websites and cause significant business interruption losses. For example, a cyberattack at DSW Shoe Warehouse in 2020 shut down their digital sales capability for two weeks, contributing to a $652 million decrease in sales from the prior year, according to Advisen data. The second most common type of nation-state attack is Malicious data breaches (40%). 

Nation-state Attacks by Type

  • Network/Website Disruption 47% 47%
  • Data Malicious Breach 40% 40%
  • Phishing, Spoofing, Social Engineering 7% 7%
  • Industrial Controls & Operations 5% 5%
  • IT – Processing Errors 1% 1%

Top 11 Tips for Increasing Cyber Security 

Nation-state and general cyber-attacks are becoming wider-spread and are causing more damage than ever before. However, even if you don’t currently have the resources to bring in an outside expert to test your computer systems and make security recommendations (something we strongly advise), there are several straightforward and economical steps you can take to reduce your risk of a costly cyber-attack. 

It may seem overwhelming, but there are ways to reduce the risk of falling victim to such attacks. Here are some loss-control suggestions you can implement within your organization immediately:  

    1. Regularly train and test your employees. Employee training should be ongoing and include clear communications, drills, and targeted tests to assess employees’ ability to identify and report attempted phishing attacks, social engineering, and email compromise. 
    2. Install, use and regularly update antivirus and antispyware software on every computer used in your business.
    3. Use a firewall and a virtual private network (VPN) for your internet connection.
    4. Regularly monitor your software versions. Download and install software updates for your operating systems and applications as soon as they become available.
    5. Schedule and perform regular backup copies of business data and information. Store backups of critical data in a secure, offline location to minimize losses in the event of a ransomware attack.
    6. Take precautions with your physical computers and network components and limit the risk of unauthorized access, loss, and theft. Control and restrict physical access to your computers and network components by keeping them secure. 
    7. Isolate networks to avoid unauthorized traffic and lower risks. Remove internal networks from the internet when possible. It should be tightly controlled, one-way paths for moving data into the network when access is needed.
    8. Don’t share accounts and logins. Instead, make sure you require individual user accounts for each employee. 
    9. Protect your business from employee errors and internal cybercrime. Limit employee access to data and information, and limit authority to install the software. 
    10. Manage passwords safely. Regularly maintain password requirements and communicate them to employees, change passwords and never store them on your browser—leverage secure password vaults such as LastPass. 
    11. Conduct thorough vendor due diligence. Before forming a partnership, complete a comprehensive security screening and reference check of a potential vendor.

Additional Resources

The Federal Communications Commission has developed a tool to help you create and save a custom cyber security plan for your business. The tool allows you to choose from a menu of expert advice to address your unique business needs. In addition, the CISA launched Shields Up, a program with guidance for preventing, detecting, and minimizing the impact of cyber events.

Additional support and expertise can be secured by working with qualified cyber security and technology firm that can help you manage the daily risks that your business faces. 

 

Your Risk Management Partner

As Risk Managers, we help you insure against risks to your business and help you avoid losses altogether by leveraging operational tools and resources.

A data breach could significantly impact your small business, costing you thousands or millions of dollars in lost sales and damages. We have the tools necessary to ensure our clients have proper protection against losses from cyber-attacks. Current clients receive complimentary access to the following cyber security tools:

 

  • Cyber Risk Exposure Scorecard
  • Cyber Security Planning Guide
  • Cyber Security Employee Training Guide
  • Business Continuity Planning Guide
  • 2022 Cyber Risk Management Guide
  • And more

The head of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Jen Easterly, recently tweeted, “While there are no specific threats to the [United States] at this time, all organizations must be prepared for cyberattacks, whether targeted or not.” 

The United States government has also issued warnings about the potential for an attack similar to NotPetya, a cyberattack in 2017 that targeted Ukraine but claimed victims worldwide, resulting in billions of dollars in losses. While the cyberattacks currently appear to be focused on Ukraine, the United States, its allies, and the businesses within them should be prepared for retaliatory attacks over severe economic sanctions announced by President Joe Biden following the invasion.

Escalating Threats To Your Business

Ukrainian government entities, financial institutions, and other key organizations faced website defacements, distributed denial-of-service (DDoS) attacks, and destructive malware in the weeks leading up to the invasion on February 24th. On February 23rd, researchers at Symantec and ESET discovered a new wiper malware named “HermeticWiper,” used against Ukraine. 

Symantec warned that with an invasion underway, there remains a high likelihood of further cyberattacks against Ukraine and other countries in the region. And the availability of this new wiper malware will likely create opportunities for other cybercriminals to begin random attacks on organizations that are not associated with the invasion of Ukraine – elevating the risk further. 

Cybersecurity experts and the United States government continue to monitor the ongoing threats and have warned that businesses and organizations should take immediate precautions to secure their organizations.

The Nature of Nation-state Cyberattacks

The techniques used by nation-state attackers are similar to those used by other cybercriminals. However, because these bad actors are working for a nation-state, they are likely to be well funded and able to work without fear of retribution from their own countries – potentially making them more dangerous. 

Motivations behind nation-state attacks vary widely, common goals of the attacks include:

  • stealing secret information
  • seeking financial gain
  • exacting retaliation
  • extorting ransoms
  • meddling in elections
  • negotiating leverage
  • preparing for war

One of the most frequent targets for nation-state attacks is the public sector (34%), according to Advisen data. But attacks on private sector companies are quickly increasing.  Recent research found that 35% of all nation-state attacks target enterprises and are often fueled by international competition to steal intellectual property.  

Nation-state Attacks by Industry

  • Public Administration 34% 34%
  • Information 17% 17%
  • Manufacturing 12% 12%
  • Health Care 12% 12%
  • Other Services 7% 7%
  • Professional, Scientific, & Technical Services 7% 7%
  • Finance & Insurance 6% 6%
  • Admin, Support, Waste Management & Remediation 5% 5%

Nation-state attacks often (47%) focus on disrupting networks and websites to bring down online services such as websites and cause significant business interruption losses. For example, a cyberattack at DSW Shoe Warehouse in 2020 shut down their digital sales capability for two weeks, contributing to a $652 million decrease in sales from the prior year, according to Advisen data. The second most common type of nation-state attack is Malicious data breaches (40%). 

Nation-state Attacks by Type

  • Network/Website Disruption 47% 47%
  • Data Malicious Breach 40% 40%
  • Phishing, Spoofing, Social Engineering 7% 7%
  • Industrial Controls & Operations 5% 5%
  • IT – Processing Errors 1% 1%

Top 11 Tips for Increasing Cyber Security

 

Nation-state and general cyber-attacks are becoming wider-spread and are causing more damage than ever before. However, even if you don’t currently have the resources to bring in an outside expert to test your computer systems and make security recommendations (something we strongly advise), there are several straightforward and economical steps you can take to reduce your risk of a costly cyber-attack. 

It may seem overwhelming, but there are ways to reduce the risk of falling victim to such attacks. Here are some loss-control suggestions you can implement within your organization immediately: 

 

  1. Regularly train and test your employees. Employee training should be ongoing and include clear communications, drills, and targeted tests to assess employees’ ability to identify and report attempted phishing attacks, social engineering, and email compromise. 
  2. Install, use and regularly update antivirus and antispyware software on every computer used in your business.
  3. Use a firewall and a virtual private network (VPN) for your internet connection. 
  4. Regularly monitor your software versions. Download and install software updates for your operating systems and applications as soon as they become available.
  5. Schedule and perform regular backup copies of business data and information. Store backups of critical data in a secure, offline location to minimize losses in the event of a ransomware attack.
  6. Take precautions with your physical computers and network components and limit the risk of unauthorized access, loss, and theft. Control and restrict physical access to your computers and network components by keeping them secure. 
  7. Isolate networks to avoid unauthorized traffic and lower risks. Remove internal networks from the internet when possible. It should be tightly controlled, one-way paths for moving data into the network when access is needed.
  8. Don’t share accounts and logins. Instead, make sure you require individual user accounts for each employee. 
  9. Protect your business from employee errors and internal cybercrime. Limit employee access to data and information, and limit authority to install the software. 
  10. Manage passwords safely. Regularly maintain password requirements and communicate them to employees, change passwords and never store them on your browser—leverage secure password vaults such as LastPass. 
  11. Conduct thorough vendor due diligence. Before forming a partnership, complete a comprehensive security screening and reference check of a potential vendor.

Additional Resources

The Federal Communications Commission has developed a tool to help you create and save a custom cyber security plan for your business. The tool allows you to choose from a menu of expert advice to address your unique business needs. In addition, the CISA launched Shields Up, a program with guidance for preventing, detecting, and minimizing the impact of cyber events.

Additional support and expertise can be secured by working with qualified cyber security and technology firm that can help you manage the daily risks that your business faces. 

Your Risk Management Partner

As Risk Managers, we help you insure against risks to your business and help you avoid losses altogether by leveraging operational tools and resources.

A data breach could significantly impact your small business, costing you thousands or millions of dollars in lost sales and damages. We have the tools necessary to ensure our clients have proper protection against losses from cyber-attacks. Current clients receive complimentary access to the following cyber security tools:

  • Cyber Risk Exposure Scorecard
  • Cyber Security Planning Guide
  • Cyber Security Employee Training Guide
  • Business Continuity Planning Guide
  • 2022 Cyber Risk Management Guide
  • And more

The Last Word

As cyberattacks increase in frequency, cost, and complexity, it’s critical that you take every step possible to protect your business. Reach out to InsureGood to discuss cyber loss-control strategies and insurance coverages in greater detail, or visit your custom Business360 Portal for additional cyber risk management guidance and insurance solutions.

Additional Resources

software engineer testing servers for jackware

What is Jackware Ransomware?

This article provides additional information on the potential implications of jackware cyberattacks, outlines the latest real-world examples of these incidents, and offers prevention measures for businesses to consider.

Read More

Loading...