You can’t attend Transform 2022? View all summit sessions in our on-demand library now! See here.
Few threats concern businesses as much as nation-state attacks. The scale and complexity of these attacks are capable of penetrating the defenses of even the most experienced security team, and like Russia-Ukraine. cyber war Moving on, there are a lot of threats going on around.
One research published earlier this year found that only 27% of respondents said they had complete confidence in their organization’s ability to distinguish between state-state cyberattacks and threats. other.
Unfortunately, these attacks are only becoming more common. New research, released today by the machine identity management vendor, Venafifound that 64% of security decision-makers suspect their organization has been directly targeted or impacted by a country-level cyberattack.
Cyberwar not only affects countries and entities affiliated with Russia or Ukraine, but also affects organizations globally, as cybercriminals develop increasingly complex threats.
The problem with nation-state attacks
As a threat, nation-state attacks are perhaps the hardest type of attack to combat because they often have financial backing from their governments to create novel attack techniques, never seen.
“Unfortunately, defending against cybercrime at the national level is very difficult. They are well-funded, highly sophisticated and have the ability to think clearly to find new ways to attack the network, said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. using techniques we’ve never seen before.”
At the start of the Russo-Ukrainian war, it was acknowledged that state-of-state attacks would increase. One Gartner the poll found that more than a quarter of organizations in North America and Europe, the Middle East and Africa (EMEA) reported taking some type of cybersecurity action in response to Russia’s invasion of Ukraine. .
Many organizations have attempted to structure their defenses around minimizing the tactics, techniques, and procedures (TTPs) used by Russian threat actors, while enhancing their ability to respond to threats. incident response or threat intelligence capabilities. However, there is still much work to be done to reduce the risk of attacks between countries.
Machine Identity Management as a Solution
Bocek argues that organizations need to embrace management machine identity if they want to address the risks of nation-state attacks.
In practice, that means identifying machines throughout the environment, and securely circulating digital keys and certificates to ensure that unauthorized access can’t happen.
His reasoning is that many attacks are enabled by machine-signing identities, which businesses need to be able to identify and mitigate to secure their environments.
“Without effective management of machine identities, we will continue to see APT groups thrive and state-of-state attacks will continue to affect businesses and governments”. “Automating machine identity management can help get this element of security out of the hands of already stressed security teams.”
Bocek’s insight suits Forrester analytics, where notes identify and manage access (I’M) strategies cannot focus on protecting human identities alone and recommend that organizations work to maintain continuous visibility to machine identities.
VentureBeat’s mission is a digital city square for technical decision-makers to gain knowledge of transformative enterprise technology and transactions. Learn more about membership.