Ultimately, countries are seeing that cyber campaigns can be easier to conduct than traditional espionage and are investing in these techniques.
Adam Meyers, senior vice president of intelligence at Crowdstrike, said one of the reasons countries were increasing their offensive cyber capabilities is due to the impact of the global pandemic. Lockdowns and stringent travel checks made it harder for traditional espionage techniques to be effective, leading towards investment in cyber operations.
He said the shift toward cloud applications and cloud IT services have also played a role in making cyberattacks easier. The rise of hybrid working means many employees aren't based in an office, instead connecting remotely via collaborative applications, VPNs and other services – using a username and password.
And although this makes being productive while working remotely simpler for employees, it's also made things simpler for hacking groups, who can secretly access networks with a stolen – or guessed – username and password.
"As organisations are moving to the cloud and looking to develop better capabilities, threat actors are moving there as well," said Mr Meyers.
There are, however, steps that organisations can take to help make their networks and their cloud infrastructure more resistant to cyberattacks.
The report recommends that organisations work towards eliminating misconfigurations in their cloud applications and services by setting up default patterns for setting up cloud, so when new accounts are set up, it's done in a predictable manner, minimising the possibility of human error going undetected. Cloud architecture should also be monitored and maintained with security updates, like any other software.