
Concerned about Nation State Cyberattacks? Here’s how to Protect Your Organization

March 26, 2020

In light of recent geopolitical events, there is heightened concern about espionage, nation-state attacks and hacktivism. In 2019, there was a 42% increase in cyberattacks attributed to foreign governments. Cyberattacks tied to cyberwar, or geopolitical conflict, increased from 19% in 2018 to 27% in 2019. Companies in North America reported even higher nation-state attribution, at 36%.

These are not new concerns, but attacks have increased in prevalence and sophistication and, as a result, have become major threats for organizations today. What is the difference between each of these threats and how can businesses protect against them?

What is Cyberespionage?

Cyberespionage is the act of stealing sensitive data or intellectual property (IP) for competitive advantage or economic benefit. The key to cyberespionage is being covert and undetectable, which allows cybercriminals to maintain a foothold in a target’s network for long durations. Often hackers stealthily enter networks and remain undetected for years. World governments operate cyberespionage teams to both protect their national interests and collect IP for their domestic industries. They hack public-sector databases and leak information from government agencies. The IP Commission estimates that counterfeit goods, pirated software and stolen trade secrets cost the U.S. economy $600 billion annually.

An example of a cyberespionage group is APT28, also known as Fancy Bear.  This Russian military intelligence nation-state group is known to have been in operation since 2008 and is notorious for different exploits and spear-phishing attacks to deploy customized malware. Once inside a network, the malware compromises, disrupts and influences political agendas around the world. The group targets government elections, the media, sporting events and global companies.

What is Cyberwarfare?

When one nation-state penetrates another nation’s networks for the purposes of causing damage or disruption, this is cyberwarfare. Nation-state cyberwarfare hackers target government agencies, critical infrastructure and industries known to contain sensitive data or property. Hackers look for any data that will benefit their country’s economy and strengthen both key business and military strategies. These attacks can shut down critical national infrastructures like energy, transportation, military contractors and government operations. 

Typically, attackers use sophisticated techniques that interrupt business operations, leak confidential information and generate massive data and revenue loss. State-sponsored groups often create and leverage custom attack vectors by incorporating previously undiscovered software vulnerabilities, called zero-day attacks. These zero-day attacks are not volumetric or detectable. Typically, zero-day attacks are extremely complex, multi-vector and often encrypted. Security experts have “zero days” to react and must address them instantly. These advanced attacks are often referred to as advanced persistent threats (APTs). Nation-state attackers also rely heavily on spear-phishing attacks to compromise a specific user and capture credentials. Once a user is compromised, attackers look to escalate privileges and deploy malware designed to compromise more users on the network and exfiltrate data.

An example of a cyberwarfare organization is APT1, which is associated with the Chinese People’s Liberation Army. This government-backed group focuses on stealing trade secrets and confidential information from corporations across every vertical, with emphasis on manufacturing, engineering and electronics. They accomplish this with spear-phishing attacks, malware and password dumping to gain future access and exfiltrate targeted data. In fact, the US Department of Justice indicted 5 alleged members of APT1 for attempted hacking of intellectual property secrets in the nuclear, solar and metal industries in the US.

What is Hacktivism?

Hacktivism activities have increased in recent months, expressing social and political agendas via cyber-protests.

Hacktivists use technology to promote a political agenda or a social change. Unlike espionage, which is performed covertly, hacktivists want to be seen. Hacktivists use the same techniques as other hackers, yet when they disrupt services, their goal is to make everyone aware of their cause.

Hacktivist tactics include website defacements to change the visual appearance of a website. Similar to graffiti, hackers change the website’s “wall” to protest and reflect the hacktivist’s message. Hacktivists also use DDoS to make a website or network unavailable to its intended users by disrupting services to the Internet. Sometimes called a virtual sit-in, the goal is to draw attention to a certain geo-political agenda.

Anonymous, LulzSec, Lizard Squad, Syrian Electronic Army and Chaos Computer Club are examples of hacktivists. These groups have intimidated corporations, government agencies and other institutions by knocking these entities' websites offline for a period of time.

How to protect your organization?

This is a very tense time for the cybersecurity industry. With the recent ramp-up of cyberespionage, cyberwarfare and hacktivism, how can organizations head off digital conflict and protect themselves?

Strategic

Cyberattacks are not going away; this is not news. However, what is new is the rising threat of state-sponsored cyberattacks on enterprises. Today 20+ countries are aggressively building cyberattack organizations with the most sophisticated attack technology. Advances in artificial intelligence and high-speed networks like 5G are providing new gateways for cybercriminals to attack the geopolitical landscape. Enterprises don’t have the talent or expertise to fight government agents. It is neither advisable nor practical for every Fortune 1000 business to try to match the security defense capabilities of nationally funded cyberattacks. Enterprises cannot spend enough money individually to have state-of-the-art automated defenses or hire enough security engineers to fight cyberattacks in real time.

However, from a strategic perspective, organizations need to be vigilant and prepared. They can start by:

  • Subscribing to intelligence feeds that identify the latest tools and attack vectors
  • Hiring a managed security vendor and/or security expertise to help support them
  • Keeping up to date on security trends, subscribing to intelligence feeds and identifying the latest tools and attack vectors

Tactical

All organizations need to improve their cybersecurity and harden their networks when it comes to critical infrastructure. However, we can’t expect any security technology and best practices to prevent all future cyberattacks. Therefore, a big focus needs to be on mitigating attacks when they occur and building robust systems with backups that can be recovered quickly from serious cyberattacks.

From a tactical standpoint, organizations can:

  • Make sure your portal software, as well as the rest of the software in your organization, is up to date and well patched.
  • Obtain proper DDoS protection that does not rely on static signatures but can diagnose and put in place real-time mitigation of new, never-before-seen zero-day attacks.
  • Obtain proper Web Application Firewall (WAF) protection to prevent application-level attacks on your website and other public services. Make sure your solution offers not only a negative security model, which statically disallows certain traffic, but also a positive security model, which can determine what is good, safe traffic that can be allowed securely.
  • Ensure you have automation/machine learning built into your security solution that can analyze normal traffic within an enterprise and very accurately determine anomalous traffic which should be challenged or blocked.
  • Coordinate with law enforcement if you suspect you are facing a state-sponsored attack. Organizations that should be on high alert include those in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. Keep abreast of government warnings, current security issues, vulnerabilities, and exploits through alert systems such as the National Cyber Awareness System.
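
The difference between the negative and positive security models in the WAF recommendation above can be seen in a small sketch. This is an added example, not code from the article or from any WAF product; the signature list, the endpoint schema and the sample requests are all constructed for illustration.

```python
import re

# Negative model: constructed list of known-bad signatures (denylist).
DENY_SIGNATURES = [re.compile(p, re.I)
                   for p in (r"<script\b", r"\bunion\s+select\b", r"\.\./")]

# Positive model: hypothetical schema of what the application actually accepts.
ALLOW_SCHEMA = {
    ("GET", "/account"): {"id": re.compile(r"\d{1,10}")},
    ("GET", "/search"): {"q": re.compile(r"[\w \-]{1,64}"),
                         "page": re.compile(r"\d{1,4}")},
}

def negative_model(method, path, params):
    """Block only when a known-bad signature matches; everything else passes."""
    blob = path + " " + " ".join(params.values())
    for sig in DENY_SIGNATURES:
        if sig.search(blob):
            return False, f"matched signature {sig.pattern!r}"
    return True, "no signature matched"

def positive_model(method, path, params):
    """Allow only requests that fit the declared schema; everything else is blocked."""
    schema = ALLOW_SCHEMA.get((method, path))
    if schema is None:
        return False, "endpoint not in allowlist"
    for name, value in params.items():
        rule = schema.get(name)
        if rule is None:
            return False, f"unexpected parameter {name!r}"
        if not rule.fullmatch(value):
            return False, f"parameter {name!r} fails its format rule"
    return True, "matches schema"

def evaluate(method, path, params):
    """Return (negative_allows, positive_allows) for one request."""
    return (negative_model(method, path, params)[0],
            positive_model(method, path, params)[0])

# Constructed sample requests (not real traffic).
SAMPLES = [
    ("GET", "/account", {"id": "1042"}),                # normal request
    ("GET", "/search", {"q": "<script>x</script>"}),    # on the signature list
    ("GET", "/account", {"id": "1042", "debug": "1"}),  # no signature, odd parameter
    ("POST", "/admin/export", {}),                      # endpoint never published
]

if __name__ == "__main__":
    for m, p, q in SAMPLES:
        print(m, p, q, "| negative:", negative_model(m, p, q)[1],
              "| positive:", positive_model(m, p, q)[1])
```

The last two samples pass the signature check because nothing in them is on the list, while the positive model rejects them for not matching anything the application declared.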

Employee Training

Today personal and professional lives have blended together due to IoT devices such as smartphones, tablets, virtual assistants, etc. Bring Your Own Device (BYOD) to work has expanded the enterprise attack surface. It’s common for BYODs to integrate with Dropbox, Slack, Salesforce, Workday and others.

Organizations need to train their employees and offer best practices such as:

  • Educating staff on phishing scams, DDoS attacks, etc. Leverage training and safety tips from nonprofits such as the National Cyber Security Alliance that provide valuable resources on How to Stay Safe Online.
  • Not opening any attachments without confirming the attachment came from a trusted source. The U.S. Department of Homeland Security has some good security tips on opening up email attachments.
  • Using best practices for password protection such as two-factor authentication so that security is maximized.
  • Keeping all software updated. Turn on auto-updates on your phone and laptops – don't wait to apply them. Educate your employees on the value of frequently updating software and have your IT organization build a communication program to remind employees.
  • Not conducting any non-work-related activity while connected to the network – fantasy football, signing your kid up for soccer, etc. Start by educating employees and, if necessary, implement a next-gen firewall to block non-work-related sites.

It is up to every individual in all organizations to take ownership of their cybersecurity hygiene to make sure the company is not exploited. Nation-state attacks will continue to escalate. The best way for organizations to protect themselves is through education, awareness and the adoption of best security practices and technology. Nation-state hackers are looking for the easiest way in; let’s make it difficult for them to find the door.

KEYWORDS: cyberattack cyberespionage cybersecurity cyberwarfare hacktivism
