Financial institutions

Financial institutions face cyberattacks from nation-state actors amid political unrest

Nearly 90% of IT security professionals surveyed by Trellix and CSIS say they believe they have been targeted by state actors. Pictured: Mourners mourn Ukrainian servicemen during a funeral service at Lychakiv Cemetery on March 28, 2022 in Lviv, Ukraine. (Photo by Joe Raedle/Getty Images)

As open warfare rages in Ukraine, Russia’s long-promised cyberattacks are also hitting targets in the US financial sector.

A report released Monday examining how IT security officials perceive malicious actors in nation states and how they attack organizations in other countries.

Research from cybersecurity service provider Trellix in partnership with the Center for Strategic and International Studies (CSIS), based on a survey of more than 800 IT security professionals worldwide, found that 86% of respondents believe they have been the target of a cyberattack carried out by a group acting on behalf of a nation state. And just over a quarter of respondents (27%) say they have complete confidence in their organization’s ability to differentiate nation-state cyberattacks from other cyberattacks.

Only 1 in 10 organizations surveyed do not have a cybersecurity strategy. However, 90% of respondents say the government “should do more to support organizations and protect critical infrastructure against state-sponsored cyberattacks,” according to the report.

More than 90% also said they were willing to publicly share information when faced with a nation-state cyberattack, though not always with full details of the attack or its effects.

Russia and China most likely suspected of being behind cyberattacks on nation states

Unsurprisingly, the Trellix-CSIS report found Russia and China among the most likely suspects of launching a successful cyberattack resulting in data loss, service disruption and industrial espionage, which could lead to significant costs for the financial organizations attacked.

“As geopolitical tensions increase, so does the likelihood of nation-state cyberattacks,” Bryan Palma, CEO of Trellix, said in a press release. “Cybersecurity talent shortages, outdated IT infrastructure and remote working are the biggest challenges in today’s operating environment. Organizations need to improve their automation, remediation, and resilience capabilities to defend against increasingly sophisticated attacks.

Businesses are concerned about potential attacks from state actors, as well as well-funded cybercrime networks. According to the Trellix survey, 92% of companies surveyed have suffered or may have suffered a state-sponsored cyberattack in the past 18 months or expect to suffer one in the future. The average state-sponsored cyberattack costs a company approximately $1.6 million per incident.

Only a third (33%) of companies surveyed by Trellix actually disclosed breach information to their customers. Respondents believe that personally identifiable information (PII) about their customers or employees (46% and 40%, respectively) could be misused by malicious actors. Additionally, 92% of organizations surveyed said they would share information about a cyberattack. And 9 in 10 companies think the government should be doing more to provide cybersecurity protection.

Ninety percent of respondents think the government should do more to support and protect critical infrastructure from cyberattacks. In the United States, programs such as the Cyber ​​​​Safety Review Board, the Cybersecurity and Infrastructure Security Agency’s Shield Up, and the new Office of the National Director of Cybersecurity in the White House are examples of programs that the Governments around the world should continue to expand to help protect critical infrastructure.

“Nation states and their criminal proxies are among the most dangerous cyber attackers because they are capable, have the best resources, and are extremely persistent,” said James Lewis, senior vice president and program director for strategic technologies at the CSIS, in a press release.

“It’s no surprise that nation states, particularly China and Russia, are behind many cyberattacks suffered by organizations,” Lewis says. “Surprisingly, 86% of respondents in this survey believe they have been targeted by a group acting on behalf of a nation state, and only 27% are completely confident in their organization’s ability to recognize such an attack unlike others. cyber attacks.”