Trickle down of nation state attack tools may harm businesses

A new study from HP Wolf Security shows that 72 percent of IT decision makers worry that nation state tools and techniques could filter through to the dark net and be used to attack their businesses.

The survey, of 1,100 decision makers around the world, also finds 58 percent are worried their business could become a direct target of a nation state attack. A further 70 percent believe they could end up being 'collateral damage' in a cyber war.

Of specific concerns relating to a nation state cyberattack, sabotage of IT systems or data is the main worry, shared by almost half of respondents (49 percent). Other concerns include: disruption of business operations (43 percent), theft of customer data (43 percent), impact on revenues (42 percent) and theft of sensitive company documents (42 percent).

"Tools developed by nation states have made their way onto the black market many times. An infamous example being the Eternal Blue exploit, which was used by the WannaCry hackers," says Ian Pratt, global head of security, personal systems at HP. "Now, the return on investment is strong enough to enable cybercriminal gangs to increase their level of sophisticated so that they can start mimicking some of the techniques deployed by nation states too. The recent software supply chain attack launched against Kaseya customers by a ransomware gang is a good example of this. This is the first time I can recall a ransomware gang using a software supply chain attack in this way."

Further highlighting the risks, a recently commissioned academic study by HP Wolf Security -- Nation States, Cyberconflict and the Web of Profit -- found that the enterprise is now the number one target for nation state attacks.

Photo Credit: Jirsak/Shutterstock