Skip to main content
banner image
venafi logo

Venafi RSA Survey Results: Are We In a Permanent State of Cyber War?

Venafi RSA Survey Results: Are We In a Permanent State of Cyber War?

cyber war and encryption
March 12, 2020 | Shelley Boose

DarkMatter, Quantum and APT Groups

The threat of nation state cyber attacks has garnered significant media attention over the past year. Early in 2019, we saw the U.S. Cyber Security and Infrastructure Security Agency (CISA) issue an emergency directive warning about the nation-state advanced persistent threat (APT) called Sea Turtle which took advantage of a DNS security weakness. Then, Firefox denied Dark Matter Root CA status based on alleged international cyber espionage activities.

As Quantum computing became closer to a reality, Venafi speculated about how Quantum cryptography can give governments an edge against nation state attacks as well as about the geopolitical implications of quantum computers hijacking machines.

Later in the year, we saw an NSA warning of Advanced Persistent Threat (APT) groups exploiting vulnerabilities in a few popular VPN services for cyber warfare. And early in 2020 the U.S. CISA issued another rare emergency directive about a major cryptographic flaw in Microsoft Windows that was discovered by the National Security Administration (NSA). Plus, after a drone to targeted Iranian military leader Qassem Suleimani, we warned businesses to prepare for retaliatory Iranian cyberwarfare.

And most recently, we learned that the U.S. Central Intelligence Agency (CIA) actually owned Crypto AG, a company trusted by government agencies and other public sector entities worldwide, and had used the company’s cryptographic offerings to acquire highly sensitive and often classified data on foreign governments across continents.

Are we in the midst of a cyber war? See what your peers think.


Are We In A Permanent State of Cyber War?

Given the constant flow of coverage of nation-state attacks, we here at Venafi began to wonder if we have entered an era of permanent cyber war. So at RSA Conference 2020, we polled 485 IT security professionals to learn their opinions on the seriousness of our current state of cyber warfare. According to our survey, 88% of security professionals believe the world is in a permanent state of cyber war, with 90% concerned that digital infrastructure will suffer the most damage as a result.

While these results are notably high, they are not entirely surprising—especially given the perceived uptake in the nation-state attack surface. “Security professionals are under constant siege from very sophisticated threat actors targeting government, military and private organizations,” said Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “Powerful attack methods, like establishing backdoors with machine identities, are now available as commodity malware, making it harder for security professionals to defend against these attacks.”

The Most Vulnerable Asset?

According to respondents, the most vulnerable industries are those that are undergoing rapid digital transformation and are essential to daily life.

  • 60% of respondents say  power, water, healthcare and transportation are equally vulnerable to a cyberattack that causes physical damage.
  • Nineteen percent thought that power was most vulnerable, followed by healthcare (12%) and transportation and water (tied at 5%).

“The sophisticated cyberattacks that are the hallmark of nation state attacks often target digital keys and certificates that serve as machine identities. These critical security assets are often poorly manageded and provide attackers with the ability to hide in encrypted traffic, pivot across networks and eavesdrop on sensitive data,” warns Bocek. “Any organization that isn’t managing machine identities at least as well as they protect usernames and password is at greater risk of becoming a victim of a cyberattack. And, unfortunately, these risks are unlikely to change in the near term because most organizations are just beginning to understand these risks.”

Is your organization prepared to defend your machine identities against cyber warfare?


Related posts


Like this blog? We think you will love this.
Featured Blog

Machine to Machine Communication in Early EVs was Appalling: Troy Hunt at Summit

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Shelley Boose
Shelley Boose

Shelley is Director of PR and Content Marketing at Venafi. In her own words, "I help companies translate complex technologies into engaging and compelling, digital stories."

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more