Security Market Segment LS
Thursday, 07 April 2022 19:26

Trellix releases global threat research on organisation and nation-state cyber threats


Cybersecurity is a continual problem for enterprises, governments, small businesses, and home users alike. Yet, not all cyber threats are the same. Research from Trellix finds it is Governments who are behind many of the most dramatic breaches in recent times.

The Trellix global threat research, In the crosshairs: Organisations and nation-state cyber threats, shockingly reveals the service disruptions, exposed data, and substantial financial costs of the SolarWinds breach, the Microsoft Exchange Hafnium incident, and other high-profile attacks were all driven by nation-state cyberattacks.

State attackers are relentless, and while cyberattacks can come from anywhere it is the government-driven nation-state attacks, along with their criminal proxies, which are the most dangerous because they are the most capable and best-resourced, and are persistent in their determination.

Trellix explains it's a huge problem for the international community; victim organisations lose reputation, have innovation investments exposed or diluted, and suffer in numerous ways. In fact, Trellix finds cybercrime costs the world an estimated one trillion dollars per year.

Trellix expects this will only increase because it is so rewarding to the perpetrators and there are so few penalties. How can companies defend themselves, and how can legislators develop policies to respond to nation-state actors?

These are the questions Trellix sought to answer, along with how organisations perceive and prepare for the threat of nation-state actors and how their perception actually aligns with the motivations and effects of such attacks.

Trellix surveyed 800 IT security decision-makers across the United States, the United Kingdom, Germany, France, Japan, India, and Australia over November and December 2021. Respondents came from organisations with 500 or more employees from a range of industries predominantly focused on critical infrastructure.

In the crosshairs: Organisations and nation-state cyber threats, by Trellix global research, is the result; an easily-digested - but gripping and sobering - 21-page report that CISOs, business leaders, and legislators must read.

Trellix found the line between state and non-state actors continues to blur and 86% of respondents believe they have been targeted by a cyberattack from an organisation acting on behalf of a nation-state. Yet, Trellix also found only 27% of respondents are confident they can differentiate between nation-state and other cyberattacks.

Trellix found state actors are more likely to focus on data than financial benefit, though it still incurs an estimated cost to the victim of more than one million dollars per incident.

Despite this, Trellix also found that 10% of organisations surveyed still do not have a cybersecurity strategy. Many respondents indicated limited skills and outdated network technology and security tools increase their vulnerability.

91% of respondents think the government needs to be doing more to support organisations and defend infrastructure against state-backed cyberattacks.

This is the milieux that Trellix finds global businesses sitting in. So what do we do? How can your business effectively protect itself when North Korea wants money to prop up the Kim Jong-un regime or simply takes offence, such as when Sony Pictures was hacked after releasing a movie seen as an insult to the Great Leader? What do you do to protect your business when the Russian state targets espionage in the energy sector or seeks to spread disinformation? Or, even when it targets a political enemy but its effects spread, as in the case of NotPetya which was aimed at the Ukrainian government but went worldwide? How can your business protect itself from Chinese government-sponsored IP theft? Trellix provides details on dozens of cyberattacks carried out by state actors for over a decade.

Trellix finds companies and government agencies need to make decisions in an uncertain environment to protect against a range of threats. The consequences are serious for not doing so.

However, thankfully, Trellix also finds better cybersecurity is not dependent on full certainty in the attribution of an attacker or their motives. There is still much that can be done even if it cannot be ascertained who is behind an incident.

Consequently, Trellix advocates regardless of sector, organisations must ensure a baseline level of cyber hygiene and training to best defend against a wide range of incidents.

This includes updating defence capabilities, identifying what needs to be protected, assessing actual capacity, reviewing third-party providers, and increasing communication.

It's easy to say, but as the research findings identify, there are still too many companies not putting basic precautions into place.

The report is disturbing yet gripping and pulls back the covers on the shady world of cybercrime that’s well-funded and well-protected by governments themselves as they commit cyber warfare. For any business caught in the middle, you must acknowledge this is today’s reality, and you must take action.

Download the Trellix global threat research report, In the crosshairs: Organisations and nation-state cyber threats here.

Read 961 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News