State-Sponsored Cyber Attack Risk: What You Need to Know in 2020

Worldwide tensions have reached their highest point in decades. Despite the slight de-escalation in the threat of military actions, leading security experts remain very concerned about the increasing probability of cyber attacks on American assets.

This isn’t marketing hype. This is a new reality, as evidenced by the recent National Terrorism Advisory System Bulletin from the Department of Homeland Security.

The situation is alarming – and unpredictable. Secretary of State Mike Pompeo told FOX News that state-sponsored attackers “have a deep and complex cyber capability, to be sure,” and that they could unleash cyber attacks at any time. 

Initial reports have warned of attacks against critical American infrastructure targets. But as we’ve seen over the past few years, state-sponsored attackers have evolved from DDoS attacks to complex wiper malware and are capable of launching a full range of destructive attacks against any number of targets.

The question isn’t, “Are you vulnerable?” 

Just ask the Federal Deposit Library Program about being hacked by actors sympathetic with these issues, after their unpatched servers were hacked and their website was defaced. This attack was likely led by amateur hackers unaffiliated with state actors, but it could be a sign of what’s to come. 

Indeed, with the Iranian data wiper malware recently hitting Bapco, Bahrain's national oil company, there is growing evidence that state-sponsored cyber attacks will be on the rise. 

You should be asking “How can you avert attacks from the world’s most sophisticated sources of state-sponsored cyber terrorism?”

The answer? Harden your endpoints right away against known vulnerabilities – and automate how you respond to future vulnerabilities so you remediate faster than adversaries can hack.

According to the Department of Homeland Security, the time is now to prepare for “cyber disruptions” and implement basic cyber hygiene practices to protect your IT from malicious activity. 

Here are the fundamental elements of cyber hygiene from the Center for Internet Security that will help you defend against the possibility of attack.

1. Inventory and control of hardware and software assets

Attackers know which software is most vulnerable to exploit, and they are on the lookout for hardware that’s running such software. To be a smaller target for malicious actors, your organization should be utilizing tools that inventory all the software and hardware throughout your organization so you can automate any software enforcement policies that may be necessary.

2. Continuous vulnerability management

There are over 40 new vulnerabilities every day. Keep in mind that attackers have access to the same information you do, and they’re ready to seize any opportunity to exploit new vulnerabilities before you remediate. To ensure your systems are secure, you need to be constantly aware of software updates, patches, security advisories, threat bulletins, and more. Instead of bogging your team down with chasing this ever-changing information, deploy a platform that will keep your systems up-to-date automatically.

3. Secure configuration for hardware and software on laptops, workstations, and servers

Factory default system configurations are practically an open door for adversaries. Yet ensuring advanced configuration settings requires sophistication that’s beyond the ability of most users. Even worse, configuration settings can quickly drift or decay from an ideal state to situations that are exploitable. Best practices demand that you address configuration management with a tool that gives you full visibility into your configurations and lets you automate how you configure, manage and ensure compliance for all software on devices across your organization.

4. Maintenance, Monitoring, and Analysis of Audit Logs

Your logs are crucial for more than just compliance reporting. Often times, logs are the only evidence of cyber attacks, and hackers take advantage of knowing that organizations rarely analyze this information. To be sure your systems are free from malicious activity, you need instant visibility into your systems, their patch and vulnerability status, and the software installed across your organization.

Speed is your biggest advantage.

The clock is ticking. Can you address your endpoint vulnerabilities before they’re exploited? Traditional approaches to patch management, largely built around on-premises servers per geographic location, lack the agility to respond quickly enough ahead of attacks. On average, it takes organizations 102 days to remediate a known vulnerability. 

Adversaries weaponize those vulnerabilities in less than a week.

It’s time to act as fast as possible. Using Automox’s automated, cloud-native endpoint-hardening platform, you can remediate your vulnerabilities 30X faster than industry norms. The result is a faster, easier approach to endpoint management that patches vulnerabilities within 72 hours. Learn more about why remediating with 24/72 hours is the new benchmark in vulnerability management.

Recommendations from the National Terrorism Advisory System

Here’s what the Alert issued on January 4, 2020 had to say:

  • Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets.
  • Iran maintains a robust cyber program and can execute cyber attacks against the United States. Foreign States are capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.
  • Be prepared for cyber disruptions, suspicious emails, and network delays.
  • Implement basic cyber hygiene practices such as affecting data backups and employing multi-factor authentication. For more information visit CISA.gov.

Have questions about whether your approach to endpoint and vulnerability management is agile enough to defend against state-sponsored cyber attacks? Find out how Automox can help. Contact our team to request a demo, or start a risk-free 15-day trial today.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, macOS, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure. 

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Get Instant Updates on Vulnerabilities

Subscribe to receive Automox vulnerability alerts

Reduce your threat surface by up to 80%

Make all of your corporate infrastructure more resilient by automating the basics of cyber hygiene.

Take 15 days to raise your security confidence!
Start a Free Trial