Articles about nation-state attacks

International bad actors -- like fraudsters from Russia and China -- are driving one in eight fraud attempts in the US, seeking everything from access to government services to loans, according to a new report.

During the pandemic, government agencies were flooded with fraudulent applications that went undetected by outdated methods. This study from Socure shows AI-powered technologies are enabling fraudsters to supercharge their efforts, hitting government agencies and commercial entities at once, with relentless speed, and at scale.

Continue reading →

According to a new report, 73 percent of IT decision-makers globally are concerned about nation-state actors using AI to develop more sophisticated and targeted cyberattacks.

The study from Armis warns that AI-powered cyberwarfare attacks are now becoming a supercharged cyber weapon and urges organizations to immediately close the divide between current cybersecurity programs and future proactive preparation as threats will increase.

Continue reading →

A new report from OpenText finds that collaboration and coordination taking place between nation-states and cybercrime rings to target global supply chains and further geopolitical motives has become a signature trend in the threat landscape.

Russia has been seen to collaborate with malware-as-a-service gangs including Killnet, Lokibot, Ponyloader and Amadey, while China has entered into similar relationships with the Storm0558, Red Relay, and Volt Typhoon cybercrime rings, typically to support its geopolitical agenda in the South China Sea.

Continue reading →

A new report from phishing protection specialist Bolster identifies 24 separate nation-state threat actor groups attempting to exploit rising political tensions across the US to interfere with the 2024 presidential elections.

Attackers are leveraging AI to automate mass spam campaigns, and also to reply in real-time. This targeting and interactivity at scale increases their chances of gaining access to more sensitive data. The influx of election-themed spam is a significant cyber threat, causing widespread confusion among citizens and undermining trust in legitimate election communications.

Continue reading →

Researchers at secure browser company Menlo Security have uncovered three new nation-state campaigns employing highly evasive and adaptive threat (HEAT) attack techniques.

In a 90-day period, the campaigns -- LegalQloud, Eqooqp, and Boomer -- compromised at least 40,000 high-value users, including C-suite executives from major banking institutions, financial powerhouses, insurance giants, legal firms, government agencies, and healthcare providers.

Continue reading →

New research shows that 49 percent of UK businesses have reported cyberwarfare incidents to the authorities.

The report from Armis also shows 52 percent of UK IT leaders believe the government can't defend its citizens and enterprises against an act of cyberwarfare.

Continue reading →

Insider threats are usually thought of as being down to disgruntled or careless employees, but a new report from risk management specialist DTEX finds insiders have never been more vulnerable to interference from nation state actors.

The report, by the DTEX Insider Intelligence and Investigations (i3) team, based on more than 1,300 investigations within DTEX's global customer base, finds investigations into insider threats from nation-states and foreign interference increased 70 percent since 2022, mainly within critical infrastructure and public sector.

Continue reading →

Cloud intrusions increased by 75 percent overall last year as adversaries set their sights on the cloud through the use of valid credentials.

This is one of the findings of the 2024 CrowdStrike Global Threat Report released today. It notes an increase in interactive intrusions and hands-on-keyboard activity (60 percent) as adversaries increasingly exploit stolen credentials to gain initial access at targeted organizations.

Continue reading →

A new report from cloud risk and detection specialist Rapid7 reveals that Japanese businesses have become a significant target for state-sponsored cyberattacks.

This increased vulnerability has been driven by a fragile global economy and increased political and diplomatic tensions. The Japanese automotive industry and financial services sectors are of particular interest to these actors due to their global reach.

Continue reading →

A malware toolkit dubbed 'Decoy Dog' has command-and-control (C2) propagated to a Russian IP and is selectively targeting organizations worldwide -- and going undetected.

The Infoblox Threat Intelligence Group is the first to discover Decoy Dog and the company is collaborating with other companies in the security industry, as well as customers, to identify and disrupt this activity.

Continue reading →

New research from Venafi into the rise of nation-state cyberattacks and their links to geopolitics has revealed that two-thirds (64 percent) of security decision-makers suspect that their organization has been directly targeted or impacted by a nation state attack.

In addition, 77 percent believe we're in a perpetual state of cyberwar, while 66 percent of companies say they have changed their security strategy as a direct response to the war in Ukraine.

Continue reading →