SALT LAKE CITY – September 13, 2018 – Venafi®, the leading provider of machine identity protection, today announced the results of a survey of 515 IT security professionals’ views on cyber war and nation-state security. The survey was conducted August 4-9, 2018, at the Black Hat conference in Las Vegas.
According to the survey, eighty-six percent of IT security professionals say the world is currently in the middle of a cyber war. In addition, forty percent of respondents believe a nation-state cyber attack has already cost human lives.
“The bottom line is that the notion of war is changing from something that you do with bullets and guns on the ground to something you do with bits and bytes,” said Jeff Hudson, CEO for Venafi. “Essentially, this is a war about compromising and controlling information. Once you fully understand that, it’s pretty easy to see that we are in a full-on cyber war right now.”
Additional findings from the survey include:
- Eighty-eight percent believe attacks that disrupt election infrastructure – including voting machines and machines that transmit, store, tabulate and validate electoral data – are acts of cyber war.
- Eighty-six percent believe that misinformation campaigns designed to manipulate public opinion for political outcomes are acts of cyber war.
- Only three percent say cyber attacks will never cost human lives.
Last month, DEF CON, the world's largest underground hacking conference, hosted a Voting Machine Hacking Village that focused on infrastructure and a wide range of election systems. According to participants, the back-end systems that house sensitive voting data are especially vulnerable to nation-state tampering and attacks.
In July, a grand jury issued a detailed indictmenton international interference during the 2016 U.S. presidential election. Details in the indictment indicate that nation-state actors utilized encrypted tunnels to target vulnerabilities in election infrastructure, along with other attack methods. Attacks that hide in encrypted tunnels are difficult to detect and block without a comprehensive machine identity protection program in place.