Attacks by nation-state actors and exploits targeting supply chains are among top cybersecurity concerns of IT officials, a report by CrowdStrike released on Nov. 19 reported.
Nearly three quarters (73 percent) of IT personnel surveyed believe that their industry is at a heightened risk for nation-state-sponsored cyberattacks. In total, 95 percent of respondents feel that they are at risk of a cyberattack by a foreign entity.
One popular motivation for nation-states to attack a respondent’s organization is closeness to government, the report says. Over half (56 percent) said that their organization’s close ties to government might motivate a nation-state attack. Eighty percent of respondents said that they cannot rule out intrusion by any government, including their own.
Additionally, 77 percent of respondents admitted that their organization has experienced a software supply chain attack at least once. This is up 11 percent from CrowdStrike’s 2018 survey. More organizations are also paying the ransom to remediate these attacks. In 2018, 14 percent of respondents said that their organization paid a ransom in the last year to retrieve data encrypted in a software supply chain attack. That percentage jumped to 40 percent in 2019.
The reality of supply chain attacks is seeping into organizational best practices, the report says. More than half (52 percent) of organizations hit by this type of attack in 2019 had a comprehensive strategy in place to combat it. Only 34 percent of respondents in 2018 reported having a comprehensive strategy.
Of the 1,900 respondents surveyed by CrowdStrike, 102 represented the public sector or government organizations.