Nation states typically considered to play a small role in the cyber threat landscape are growing their influence and, thus, should be taken note of by solution providers, Optiv said this week after releasing data pointing to growing threats from places like Lebanon and The Netherlands.
The solution provider's 2018 Cyber Threat Intelligence Estimate finds that nation states like Lebanon and The Netherlands are "rising in the ranks of threat actors" through traditional tactics, such as open source and custom-built tools.
Further, the report says Lebanon, The Netherlands and other similar actors will become more of a threat as they hone their methods.
"Just because they don't command the resources of U.S. or China, doesn't mean that Lebanon and The Netherlands aren't a force in security," Courtney Falk, senior research scientist for Optiv's Global Threat Intelligence Center, told Channelnomics. "As more and different countries develop and mature their cyber capabilities, it becomes more critical to be aware of those nation states, as there will be new threats to consider."
The report points out that just a low level of technical knowledge is required to carry out these attacks, and this "should be a cause for concern amongst security professionals" in 2018.
"These groups have shown that the bar for conducting successful operations is not as high as one might think and that they can hide within the noise of modern day networks," the report says
To help mitigate the threat from these lesser-known nation-state actors, Optiv pointed to need to:
- Hold phishing awareness training regularly
- Define and implement a comprehensive update policy
- Verify downloads, and deploy them via management software when possible
- Only install mobile apps from reputable stores
Optiv's report also points to a number of security predictions for 2018.
It highlights continued pressure from nation-state actors, noting threats to the 2018 U.S. mid-term elections, as well as from bundled, cost-efficient exploitation packages.
Top of mind are growing usage of cryptomining malware and cryptocurrencies for financial gain, as well as Internet of Things (IoT) botnet exploits.
Finally, Optiv forecasts that evolving DDoS attacks will continue to be a problem for all-sized organizations, thanks to firms' willingness to pay ransoms and the number of weakly protected IoT devices connecting to the internet daily.
It notes that end users will be the "best line of defense" from hackers in 2018.
For resellers, MSPs and the like, the biggest takeaway from the report is to consider the criticality of knowing what risks are inherent in their customers' environment, Falk said.
"Do they sell to petrochemical companies targeted by eco-terrorist groups? Are their customers' law firms working on tasks that complicate state-run enterprises in other countries? A basic level of threat intelligence and awareness is required to successfully support an organization," she said.