Machine Identities Surge in Nation-state Cyber Attacks


Machine Identities Surge in Nation-state Cyber Attacks

By Greg Tavarez

Nation-state cyberattacks are creating service disruptions, exposing data and creating substantial financial costs. The SolarWinds attack, for instance, compromised thousands of companies by exploiting machine identities to create backdoors and gain trusted access to key assets. Russia’s HermeticWiper attack breached numerous Ukrainian entities days before Russia’s invasion of the country.

Venafi, a provider of machine identity management provider, announced the findings of new research that evaluated the security impact of the increasing number of nation-state attacks and recent shifts in geopolitics.

The study found that 66% of organizations changed their cybersecurity strategy as a direct response to the conflict between Russia and Ukraine, and nearly two-thirds suspect their organization was directly targeted or impacted by a nation-state cyberattack.

“Everyone is a target, and unlike a kinetic warfare attack, only you can defend your business against nation-state cyberattacks,” said Kevin Bocek, vice president, security strategy and threat intelligence at Venafi.

It’s well known that hackers are constantly evolving their attack strategies, which is why security solutions must also be constantly updated to keep pace. One change in attack methods is an increasing use of machine identities in state-sponsored cyberattacks. The digital certificates and cryptographic keys that serve as machine identities are the foundations of security for all secure digital transactions. Machine identities are used by everything from physical devices and software to containers to authenticate and communicate securely.

The SolarWinds attack is an example of the scale and scope of nation-state attacks that leverage compromised machine identities. And, the HermeticWiper attack used code signing to authenticate malware in a recent example of machine identity abuse by nation-state actors.

The only way to reduce risks of machine identity abuse is through a control plane. The control plane for machine identity management provides observability, consistency, reliability and freedom of choice while reducing complexity. Working across clouds, hybrid environments, datacenters and to the edge, the control plane is connected to a technology ecosystem that is the connective fabric to all machines.

Machine identities are used as part of the kill chain in nation-state attacks. Because of that, organizations need to step up their defenses against nation-state attacks.

Edited by Erik Linask

MSPToday Editor

Related Articles

MSPs Enable Enterprises to Accelerate Growth at Top Speed

By: Greg Tavarez    2/2/2023

MSP Expo Sponsor: MSPs are building their technical expertise to address customers' needs by merging with different sets of companies as the Managed S…

Read More

Pax8 Acquires Bam Boom Cloud, Deepening Microsoft Dynamics 365 Expertise

By: Reece Loftus    2/2/2023

Pax8 announced it has acquired Bam Boom Cloud, an award-winning Microsoft Dynamics 365 Business Central services organization.

Read More

Pax8 Expands Horizons Bringing in Rob Rae to Champion MSP Power Initiatives

By: Arti Loftus    2/1/2023

Pax8 today announced that Rob Rae, a highly regarded and influential innovator in the IT channel market, has joined the company as Corporate Vice Pres…

Read More

Codex IT Reaches Wasatch Front Through Intranet Consulting Acquisition

By: Greg Tavarez    2/1/2023

Codex IT is expanding its services along the Wasatch Front and the rest of Utah through its acquisition of Intranet Consulting.

Read More

GFI Software Named a Platinum Sponsor for MSP Expo 2023, Part of the #TECHSUPERSHOW

By: TMCnet News    1/31/2023

MSP Expo is the premier conference and networking summit for MSPs. This is where MSP business owners and technology specialists share strategies to gr…

Read More