As the digital landscape continues to evolve, the threat of state-backed cyber-attacks is becoming increasingly prominent. According to Netskope, a leading SASE provider, the majority of malware used in attacks on their customers over the past year can be attributed to state-backed groups.

Based on data collected from customer environments over 12 months, Netskope found that North Korean groups were responsible for the largest share of malware attacks, followed by entities from China and Russia. These findings highlight the growing sophistication and reach of state-affiliated cyber threats.

While the figures may seem alarming, it’s important to note that not all cyber-attacks involve malware. Nevertheless, the rise in state-backed activities is a cause for concern. Microsoft recently revealed that state-affiliated actors are even outsourcing operations to cybercriminals, further complicating the threat landscape.

Netskope’s Director of Threat Labs, Ray Canzanese, emphasized the challenges of attribution in the cyber realm. Adversaries often attempt to conceal their true identities or conduct false-flag operations to divert blame. This complexity underscores the need for ongoing monitoring and analysis to accurately identify cyber threats.

Despite the proliferation of state-backed attacks, financially motivated cybercrime groups still account for the majority of data breaches. According to Verizon’s latest analysis, over 90% of breaches last year were driven by profit-seeking cybercriminals.

Shifting Focus: From Profit to Destruction

However, Netskope’s research indicates a concerning trend towards nation state actors expanding their operations. The security vendor noted that an increasing number of attacks target cloud applications for data exfiltration, with different motives driving each group.

North Korean actors primarily focus on financial gain, while Chinese and Russian groups target high-value victims such as critical infrastructure providers for disruption and espionage. This shift from profit-driven cybercrime to politically motivated attacks underscores the growing threat posed by state-backed actors.

Netskope CEO, Sanjay Beri, emphasized the importance of understanding these nuances in today’s interconnected world. By knowing the motives and tactics of potential threat actors, businesses and individuals can better defend against cyber-attacks.

As the cyber threat landscape continues to evolve, proactive security measures and threat intelligence become essential components of a robust cybersecurity strategy. By staying informed and vigilant, organizations can mitigate the risks posed by state-backed cyber threats and protect their digital assets.