CounterTack | MCSI and Ponemon Institute Study Reveals That A Growing Number of U.S. Corporations Have Suffered a Nation-State Cyber Attack

Thirty-five Percent of Organizations are Certain They Have Already Become Victim to a State-Sponsored Attack

October 30, 2015

5 Min Read


WALTHAM, Mass. (October 21, 2015)— CounterTack | MCSI, the leader in Big Data Endpoint Detection and Response (EDR), today released the results of the security industry’s first in depth look at the rise in nation-state attacks against corporations and government agencies.  In the new Ponemon Institute report titled “The Rise of Nation State Attacks,” 35 percent of surveyed organizations are certain they have been the victim of a nation-state attack.

The last 12 months have been filled with high-profile breaches, including successful attacks against Sony and the U.S. government’s Office of Personnel Management, keeping these corporations and agencies in the headlines.

What should be concerning to C-level executives and corporate boards is that 49 percent of respondents to the Ponemon Institute survey are still taking a ‘wait and see approach’ to security, instead of a proactive stance to prevent threats before they happen, which will not reduce potential data loss and collateral damage.        

The Ponemon Institute surveyed 639 U.S. IT security practitioners familiar with their organization’s approach to defending against cyberattacks. Key findings from the study include:

·   Act of ‘cyber war’ – Almost 30 percent of respondents view nation state attacks as an act of cyber warfare.

·   Imminent threat – Thirty-five percent of respondents were certain their organization experienced a nation-state attack.

·   C-level concern – Post Sony and OPM attacks, 74 percent of senior level executives are concerned about nation-state attacks.

·   A widespread lack of preparedness – Seventy-five percent of organizations are not currently equipped to detect or prevent nation-state attacks. Only 12 percent of respondents rated their ability as high for recognizing such attacks.   

To access the full report, go to

“It is undeniable that many corporations and government agencies are victims of nation-state attacks. State-sponsored actors are a major threat to organizational infrastructure, yet many organizations are not being proactive enough to beef up their network defenses until it is often times too late,” said Michael Davis, CTO, CounterTack. “Today, corporations spend hundreds of billions of dollars on research and development to build the most innovative products and services. Yet they will sit back and allow state-sponsored attackers to walk through the front doors of their networks to steal the very information they worked so hard to develop. This approach needs to end immediately and more time needs to be invested in putting the right mechanisms in place that will notify them of abnormalities in their network as they happen, in order to eliminate and prevent damage.”


Differentiating Between Non-State and State-Sponsored Attacks

A specific difference between non-state and state-sponsored attacks is the data attackers are targeting. Actors looking to carry out a non-state sponsored attack are going to target data they can sell quickly, such as credit card or social security numbers. There is the likelihood to move quickly into and out of the network.

The Ponemon Institute Survey also defines characteristics of a nation-state attack as preying upon standard business practices and those unaware of security practices, like the 49 percent of organizations not taking precautionary measures. With state-sponsored attacks, hackers are attracted to personal identifiable information, in particular intellectual property, classified military information, schematic drawings, etc. This coveted, high-value data could give countries a competitive and military advantage over the United States and other countries they are attacking.


Responding to a Nation State Attack

Today, most organizations are challenged by a lack of resources and a need for more rapid and accurate detection to prevent nation-state attacks. Whether they consider themselves targets or not, corporations are not adequately equipped to detect and prevent a nation-state actor from infiltrating their network.  

“Providing additional education to organizations on the characteristics of nation-state attacks, and intent of the malicious actors, is necessary to better equip security personnel in lowering their level of risk,” said Larry Ponemon, President, Ponemon Institute. “There is a belief that government agencies are the only targets of nation-state attacks and that would be false. Often, they go after the proprietary data and intellectual property of blue chip corporations and Global 5000 companies.”


About Ponemon Institute

The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.


About CounterTack | MCSI

CounterTack | MCSI is the leading provider of real-time, Big Data endpoint detection and response technology for the enterprise. CounterTack | MCSI provides unprecedented visibility and context around operating system and binary behaviors to detect zero-days attacks, rootkits, targeted malware and advanced persistent threats, enabling our customers to improve incident response and advanced threat detection, enterprise-wide.

Built on Big Data architecture to counter endpoint threats at-scale and leveraging tamper-resistant collection for pure behavioral capture on enterprise endpoints, (laptops, servers, workstations, mobile devices) CounterTack | MCSI dramatically reduces the impact of advanced threats in real-time and post-incident, giving teams an opportunity to defend the enterprise across the entire cyber kill chain. Our 200+ customers leverage next-generation solutions on a global scale, across verticals and within a strategic partner ecosystem that includes MSSP and professional services around incident response and threat remediation.

To learn more, please visit:

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights