After six months of war in Ukraine, nation-sponsored cyber-warfare continues to be top of mind for security decision makers. Nearly two-thirds (64%) of organizations believe they have been targeted, or at least impacted, by a nation-state cyberattack, according to a report published by Venafi on Wednesday, August 24, 2022.
The research also found that, while 64% think the threat of physical war is a greater concern in their country than cyber-war, 68% have had more conversations about cybersecurity with their board and senior management in response to the Russia/Ukraine conflict.
Overall, 66% of organizations have changed their cybersecurity strategy as a direct response to the conflict.
“The reality is that geopolitics and kinetic warfare now must inform cybersecurity strategy. We’ve known for years that state-backed APT groups are using cybercrime to advance their nations’ wider political and economic goals,” said Kevin Bocek, VP for security strategy and threat intelligence at Venafi.
The firm, which provides machine identity management, found that the corruption of machine identity tools such as digital certificates and cryptographic keys is growing in state-sponsored cyber-attacks. The SolarWinds attack and Russia’s HermeticWiper attack, “which breached numerous Ukrainian entities just days before Russia’s invasion of the country, [are] prime examples,” reads the research.
Using these worrying findings, Kevin Bocek alerted: “Everyone is a target, and unlike a kinetic warfare attack, only you can defend your business against nation-state cyber-attacks. There is no cyber-Iron Dome or cyber-NORAD. Every CEO and board must recognize that cybersecurity is one of the top three business risks for everyone, regardless of industry.”
This Venafi study was conducted by consumer market research agency Sapio in July 2022, with 1101 security decision makers interviewed across the United States, United Kingdom, France, Germany, Belgium, Netherlands, Luxembourg and Australia.