Zscaler: Nation-state attackers are "breaching the moat"

Threat actors linked to hostile states are taking advantage of defensive vulnerabilities in firewalls used across Five Eyes countries.

Critical National Infrastructure (CNI) is under threat as global security worsens

Nation-state attackers are targeting the cyber-defence gaps in traditional firewall solutions, the zero trust security firm Zscaler has warned.

In an earnings call, Jay Chaudhry, CEO and Chairman, said that official probes in nations across the world, including Five Eyes countries, have revealed a growing threat from "fibre attackers", a term that refers to a type of threat actor or method that specifically targets fibre-based network infrastructure.

Zscaler is a champion of Zero Trust as a solution to the intensifying risk. This cybersecurity model assumes no user, device, or network is inherently trusted, requiring continuous verification and strict access controls to secure resources. It uses the motto "Never trust, always verify".

During Zscaler's Q1 2025 earnings call yesterday, Chaudhry said: "Government investigations by multiple countries, including Australia, the European Union, Japan, Singapore, the United Kingdom, and the United States have concluded that nation-state fiber attackers are successfully breaching the moat created by firewall-based solutions, and as a result, these governments are planning to adopt Zero Trust architecture."

The US has been leading on the adoption of Zero Trust. Guided by the White House’s 2021 executive order on cybersecurity, agencies are transitioning to systems where no user, device, or application is inherently trusted, regardless of location. Key initiatives include deploying multi-factor authentication, encrypting all data in transit, and adopting least privilege access controls.

The growing cyber-threat facing Nato

Last week, the risk facing Western nations was highlighted at the Nato Cyber Defence Conference, where Pat McFadden, Chancellor of the Duchy of Lancaster, warned that cyber-attackers from Iran, Russia, North Korea and other hostile nations are "becoming increasingly emboldened and aggressive, testing our collective security on a daily basis".

"Cyberwar is now a daily reality," McFadden said. "One where our defences are constantly being tested."

He singled out Russia as a particular threat, claiming it could shut down power grids and "turn off lights".

"Russian state-aligned groups have taken responsibility for at least nine separate cyberattacks of varying severity against Nato states, including unprovoked attacks against our critical national infrastructure," McFadden said.

"The activity of these groups isn’t something new, or something that has just been happening in recent months. They are unpredictable; they act with disregard for the potential geopolitical consequences, and with just one miscalculation, could wreak havoc."

McFadden called for three moves to upgrade the "collective defences" of NATO allies:

  1. Investing in AI research to "stay one step ahead in this new AI arms race".
  2. International collaboration to "strengthen NATO’s collective cybersecurity".
  3. Bolstering our own digital defences here in the UK through a "whole-of-society effort".

Protecting CNI: How to secure critical national infrastructure

Tony Hasek, founder and CEO of the NATO-backed British dual-use cyber security firm Goldilock, told Machine that critical national infrastructure (CNI) is a "prime target" for enemies trying to "disrupt our way of life".

"The UK’s involvement in the ongoing conflict in Ukraine has heightened the risk of cyberattacks from hostile nations like Russia and North Korea," he said. "While the UK is engaged in a new AI arms race, we must not overlook the importance of fundamental security measures like physical network segmentation.

"As MI5’s Director General has highlighted, the internet has become a platform for malicious actors to target our CNI. So, by physically separating critical systems from the internet, we can significantly reduce the attack surface and limit the potential damage of a cyberattack.

"Crucially, we must rethink our ‘always-on’ mentality and disconnect critical systems when they’re not in use. This way, we have the power to hide and isolate systems from attacks completely, physically segment networks, isolate critical assets and data, and contain threats or breaches when they do occur. 

"The reactive approach of simply adding cybersecurity solutions as an afterthought simply doesn’t work. The more connected we are, the more vulnerable we become. Building a layered defence strategy, with physical network isolation as the foundation, will be the only real way to have total control over infrastructure, and protect our nation’s future.”
