EXECUTIVE SUMMARY:
Evading nation-state hacking is turning into an endurance sport; it’s fast-paced, riddled with narrow misses, and any slip-up can prove immensely dangerous.
And like base-jumping, bobsledding or any other adrenaline pumping adventure, it requires training, financial resources and recovery plans.
Cyber security experts recently discovered that nation-state hackers are concentrating their efforts on organizations in the telecommunications, public works, aviation and security industries, along with IT services. Click To TweetGovernment-backed hacking units deliberately exploited publically listed VPN bugs to secretly infiltrate companies across the globe, according to a new report. “…groups have developed good technical offensive capabilities and are able to exploit 1-day vulnerabilities in relatively short periods of time”. Hackers can beat systems in just a few hours.
Attackers design these VPN attacks with the intention of planting backdoors within companies that they can exploit at a future date. This slew of backdoors into networks could potentially be used to deploy “data-wiping malware” that can damage or destroy businesses.
Alternatively, even if the affected companies do not incur a hack, it’s possible that attackers could conduct supply chain attacks against clients. Supply chain attacks are clearly growing increasingly popular among hackers. On February 10th, the FBI issued an alert to US-based private sector companies about the issue. Like a pro athlete, you may have to test out new strategies to win.
Be sure to hit the ground running. Train your employees, and invest in the right tools to make your organization more resilient.
Get the full story from ZDNet.
