The SASE provider Netskope reports that most of the malware used in attacks on its customers in the past year is linked to state-backed groups, with North Korean groups leading, followed by China and Russia; however, this does not mean that 66% of all cyber-attacks are state-backed, as not all attacks feature malware, and attributions can be challenging due to adversaries hiding their identities, launching false-flag operations, sharing tactics and techniques, and evolving groups, with financially motivated cybercrime groups comprising over 90% of data breaches analyzed by Verizon last year; despite this, nation state actors are expanding their operations, targeting cloud applications for entry and exfiltration, with different motives such as profit, disruption, and cyber-espionage, stressing the importance of understanding the threat landscape for effective cybersecurity strategies.
https://www.infosecurity-magazine.com/news/twothirds-attributable-malware/