Nation state attacks, and the threat of them, appear to be evolving.\u00a0 The theory that these state-backed cybercriminals are focused on hacking into military or diplomatic data for competitive intelligence now needs to be broadened to other motivating factors.\u00a0 Nation state hackers are expanding their targets to not only government institutions, but also businesses and industrial facilities.\u00a0 They are using more sophisticated techniques to disrupt organizations, and their respective countries, by leaking confidential, often sensitive, information.Nothing fun to see hereIn his Worldwide Threat Assessment, US Director of National Intelligence Daniel R.Coats painted a concerning scenario of such threats to come.\u00a0 Said Coats, \u201cThe potential for surprise in the cyber realm will increase in the next year and beyond as billions more digital devices are connected\u2014with relatively little built-in security\u2014and both nation states and malign actors become more emboldened and better equipped in the use of increasingly widespread cyber toolkits.\u201dHe called out these three cyber threat examples:In 2016 and 2017, state-sponsored cyber attacks against Ukraine and Saudi Arabia targeted multiple sectors across critical infrastructure, government, and commercial networks.Ransomware and malware attacks have spread globally, disrupting global shipping and production lines of US companies. The availability of criminal and commercial malware is creating opportunities for new actors to launch cyber operations.We assess that concerns about US retaliation and still developing adversary capabilities will mitigate the probability of attacks aimed at causing major disruptions of US critical infrastructure, but we remain concerned by the increasingly damaging effects of cyber operations and the apparent acceptance by adversaries of collateral damage.Fight sophistication with sophisticationIf nation state actors are becoming more sophisticated and emboldened, enterprises need to up their game to the same level of sophistication.\u00a0 The most recent example of how effective a nation state can be in disrupting regular information flow is Russia\u2019s Roskomnadzor watchdog blocking of Telegram, a messaging service popular in Russia.\u00a0 It was widely reported that as many as 20 million IP addresses were blocked, and according to Reuters, preventing Russian internet users from accessing Telegram and other services that route content through Google and Amazon servers.\u00a0 While this was deemed a retaliatory action in response to Telegram\u2019s refusal to comply with a court order that would have breached the confidence of users\u2019 encrypted messages, the clear import is how facile these nation state actors are in disabling and disrupting day-to-day processes for large numbers of users \u2013 not to mention interrupting U.S. based business activities,i.e., Google.In other nation state threats, North Korea is known to have an active botnet in place that can execute DDoS attacks and has been linked by some researchers to the WannaCry ransomware attack.To proactively defend against these types of threats, the first step is to take another look at your organization from the aspect of information that would be most attractive to a nation state attacker.\u00a0\u00a0 If your organization stores intellectual property, sensitive, personal legal or financial data [with GDPR in mind] or other consumer data, you\u2019re ripe for a nation state threat.\u00a0 Certainly, consumer facing activities are a target-rich opportunity for nation state actors, and the Russian Telegram incident is a good indication of how widespread these attacks can be.Are you nation state \u2018defense ready\u2019?Our theme in this blog is \u2018Be a Security Vigilante.\u2019\u00a0 Constant vigilance and monitoring of all security processes in place is absolutely essential to defense \u2013 for nation state threats, and for all threats that can compromise your organization\u2019s ability to do business.\u00a0 Think about more frequent check-ins with your security teams to obtain the most complete picture of both authorized and unauthorized activity. \u00a0The more you know, the better your defense.\u00a0 This picture should include deep visibility into traffic patterns across your network to alert you to denial of service threats, or the insidious low volume attacks, like stress tests.Besides the constant vigilance, be proactive in reducing your \u2018attack surface.\u2019 \u00a0\u00a0Scrutinize your organization\u2019s workloads and, when internet access is not required, isolate those from the internet.\u00a0 This helps to reduce the exposure of critical data to unauthorized access, and to defend against \u2018man in the middle\u2019 attacks.Also, use all the tools at your disposal to help with vigilance, such as patch and vulnerability management, application whitelisting, privilege management, identity management, file and media protection, and ransomware remediation.Know your friends\u2026and enemies\u2018Keep your friends close, but your enemies closer.\u2019\u00a0\u00a0 It\u2019s a famous line from the Godfather film, and\u00a0\u00a0\u00a0 good counsel for nation state defense. Right now, do you and your team know the origin of all the critical vendors you use?\u00a0\u00a0 Have you vetted technology acquired from companies based in nations that can pose a threat?\u00a0 The National Institute of Standards and Technology (NIST) is a useful resource to review for recommended restrictions on purchasing from certain suppliers or countries. \u00a0On the keeping friends close side, do you feel confident your employees know how to spot malicious activity?\u00a0\u00a0 Are they trained, and motivated, to also become security vigilantes?\u00a0\u00a0 Many successful malware attacks start with the simple click through on an email that leads to a crippling ransomware event.\u00a0 Is everyone trained on how to quickly report such malicious activity, thereby preventing a more full-scale attack?\u00a0\u00a0\u00a0Your friends need to also extend to your network of trusted security professionals.\u00a0 Sharing what you have learned, in the face of these threats, or worse, having experienced an attack, helps the universe of colleagues working to defend against major attacks.\u00a0Unquestionably, the more we collaborate in defense against nation state threats, the stronger our collective defense power will be.