Cyber Spies Go Mainstream

Cyber espionage appears to have hit the mainstream, dominated by state-sponsored operatives and taking the slot as most popular attack method in the public sector, education and manufacturing industries, according to Verizon.

The firm’s much anticipated 2017 Data Breach Investigations Report revealed that one in five (21%) breaches were related to espionage: that’s a total of 289 over the report period, more than 90% of which were state-backed.

The fruits of these efforts have been widely reported in recent months, most notably the Kremlin’s attempts to influence the outcome of the US presidential election by hacking and then leaking sensitive Democratic Party officials’ emails.

This week, Trend Micro claimed that a group allied to Russia’s interests, known as APT28, Pawn Storm and Fancy Bear, had also registered phishing emails to target the campaign of French presidential Emmanuel Macron.

“The proportion of attacks motivated by the state is still on the rise, and these hackers are becoming more aggressive each year,” Verizon managing principal of investigative response, Laurance Dine, told Infosecurity Magazine.

“The report reveals that state-affiliated actors were responsible for a quarter of its recorded phishing attacks, almost three times as many compared to the 2016 DBIR, where they were responsible for just 9% of phishing attacks.”

Phishing has become a hugely successful tactic overall, present in a fifth (21%) of attacks, up from just 8% last year.

Linked to that stat is another that organizations should take note of: 81% of hacking-related breaches succeed through stolen, weak or easy-to-guess passwords.

It’s clear that staff training on how to spot phishing, combined with a move away from password-based authentication to multi-factor systems, should be encouraged.

Overall, the volume of breaches and stolen records has risen sharply in recent years. Just four million records were lost in 2011, whereas this year’s report covered 1945 breaches including 20 where over a million records were lost.

Financially motivated attacks dominated the breaches analyzed by Verizon, accounting for 73%.

Dine recommended layered security as a key strategy to mitigate the risks posed by an increasingly agile and determined enemy.

“With a lot of espionage attacks, hackers want to have access for as long as possible without being detected. They get into the network, do some foot-printing and scanning, see what they can get, and can stay under the radar by piggybacking off normal activity. This means hackers can just get one code to the backdoor and they get the keys to the kingdom,” he explained.

“Our advice would be to only give people privileges to certain parts of the network that they actually need to do their job. It is also important to have network monitoring to identify any unusual activity, so that if a hacker has gained access then they can be detected. 

“Monitor outbound traffic to see if anyone is making connections that they have no logical reason to be making, if people are doing things they have nothing to do with their jobs it should raise an alarm. It all goes back to the idea of assuming you have been breached and looking for intruders to give themselves away. Layered security is the only way to do this.”

Infosecurity:

You Might Also Read:

Are Employees Your Weakest Link When It Comes To Security?:

Technology Can Not Diminish Insider Threats By Itself:

US Intelligence Agencies Fear Insiders As Much As Spies:

Safeguard Data When Employees Leave:

 

 

« Macron Hackers Linked To Russian Intelligence
Massive Ransom Attack Hits 99 Countries »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Ovarro

Ovarro

Ovarro is the new name for Servelec Technologies and Primayer. Ovarro's technology is used throughout the world to monitor, control and manage critical and national infrastructure.

Sentropi

Sentropi

Sentropi is an online protection solution against charge backs, account takeovers, identity thefts and online scams.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

Cybersecurity Competence Center (C3)

Cybersecurity Competence Center (C3)

The Cybersecurity Competence Center was created to further strengthen the Luxembourg economy in the field of cybersecurity.

Procsima Group

Procsima Group

Procsima Group was created to help you achieve good IT management and security excellence.

ThreatAware

ThreatAware

Total visibility of your business cybersecurity. Monitoring, management and compliance for your cybersecurity tools, people and processes from one easy to use dashboard.

AFNOR Group

AFNOR Group

AFNOR Group designs and deploys solutions based on voluntary standards around the world and provides services including training, professional and technical information, assessment and certification.

Security BSides

Security BSides

Security BSides is the first grass roots, DIY, open security conference in the world!. BSides is a community-driven framework for building events for and by information security community members.

BlackCloak

BlackCloak

BlackCloak provides Concierge Cyber Security for high-net-worth individuals and corporate executives to protect them from cybercrime, reputational risks, hacking and identity theft.

SAST

SAST

SAST provide Static Application Security Testing as a service based on SAST Tools.

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center is dedicated to combating adversaries who desire to harm our citizens, our government, and our industry through cyber-attacks.

SafeStack Academy

SafeStack Academy

SafeStack Academy is an online cyber security and privacy education platform. Our content is designed by experts to suit small businesses, growing companies, and development teams.

BluescreenIT (BIT)

BluescreenIT (BIT)

BluescreenIT is an IT Security Consultancy and IT and Cyber Security Training company supporting industry, local authorities, MoD and governmental IT departments.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

BAE Systems

BAE Systems

BAE Systems develop, engineer, manufacture, and support products and systems to deliver military capability, protect national security, and keep critical information and infrastructure secure.

Occentus Network

Occentus Network

Occentus Network is a telecommunications service provider specialized in High Availability Servers & managed Cloud services.