Skip to main content
close search
site logo
Dive Brief

More cyberattacks tied to geopolitical conflict, businesses caught in the crosshairs

Published Jan. 17, 2020
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Department of Defense

Dive Brief:

  • In 2019, there was a 42% increase in cyberattacks attributed to foreign governments, according to a Radware survey of more than 560 employees from international companies. Cyberattacks tied to cyberwar, or geopolitical conflict, increased from 19% in 2018 to 27%. 
  • One-fifth of businesses reported daily attacks, mainly in the education, retail, and banking and financial services industries last year. Only 6% of respondents said they didn't experience a cyberattack last year. Of those aware of a cyberattack, 13% don't know aftermath on the business's bottom line. 
  • Nation-state hackers breached two U.S. municipalities last year, according to an FBI announcement sent to industry partners last week, reported by ZDNet. The hackers leveraged a flaw in Microsoft SharePoint servers to steal data. They also left webshells for continued "backdoor persistent access."

Dive Insight:

Municipalities were easy targets for hacker groups. Organizations in the public and private sector are facing decreased security budgets and an abysmal talent pool; there are only six hires for every 10 open cybersecurity position

This month the Department of Homeland Security issued proactive guidance for the private sector amid tensions with Iran. A cyberattack is in the toolkit of Iranian nation-state actors, including espionage, surveillance, malware and disinformation campaigns. 

Constantly scouting for weakness in infrastructures, nation-state actors could be lying dormant in systems. But attack attribution remains tricky.

Existing tools for identifying attackers is unreliable. There are also federal protocols when the attackers could be a foreign government. 

"Hack back" bills have floated around in Congress, but there's always industry resistance. Most recently, the Active Cyber Defense Certainty Act — which is still waiting in committee — suggests the use of beacons to track the origins of a cyberattack. 

Beacons act as dye packs used in banks for stolen cash. Critics warn the bill doesn't outline when or under what circumstances companies should use an offensive cyber measure. Private sector cyberattack retaliation could unintentionally escalate existing tensions.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
Viz.ai Wins Prestigious Prix Galien USA Award for Best Digital Health Solution
From Viz.ai
November 12, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell