The New Wave Of Attack Vectors

With cyber-attacks constantly developing and becoming more sophisticated, here are some of the current attacks that organisations should review and monitor. The cloud is now a common storage realm for companies that want to scale their data while making use of usually large capacities. 

Some of the newest cyber-attacks around right now are increasingly targeting the cloud, particularly cloud applications and Information Age has been talking to leading security experts

Attacks from Nation-States
Recent research by Microsoft found that over 8,000 of the company’s customers had been attacked by nation-state hackers in the space of a year. More than 8,000 of Microsoft’s enterprise customers have been targeted by nation-state hackers over the past year, new research has revealed. While the vast majority of incidents were not tied to political meddling, some instances “appear to be related to ongoing efforts to attack the democratic process”, according to Microsoft security chief Tom Burt.

Over the last 12 months, the majority of attacks observed by Microsoft’s researchers originated from a small number of threat groups located in Russia, Iran and North Korea.

The US and UK have become increasingly vocal in calling out nation-state attacks over the last two years. But efforts to create an international pact on cyber warfare have so far fallen flat. While a cyber security accord launched by France last year attracted more than 50 countries’ signatures, the US, Russia and China all refused to sign up. Microsoft President Brad Smith, who was one of the original champions of the new set of rules, said responsibility for peace in cyber space extended beyond just the tech industry. “While the tech sector has the first and highest responsibility to protect this technology and the people who rely upon it, this is an issue that requires that governments, companies and civil society come together,”

The WannaCry attack is a notable recent example of a cyber-attack that has been attributed to a nation-state, that being North Korea.

According to Sam Curry, CSO at Cybereason, this is a trend that likely to continue. “The malware being used by nation-state actors will have a disturbing trickle-down effect among dark actors,” he said. “The reality is that nation-state actors have a unique advantage over other threat actors in that they have effectively unlimited resources to accomplish their mission..."

Swarm Technology
Swarm technology refers to decentralised systems that use automation such as AI to operate without the need for human intervention. Named after the term that defines a group of insects and acting in a similar manner, although swarm tech has been known to have the potential to benefit society, some experts are wary of its possible cyber attacking capabilities as well.

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet, explained: “Over the past few years, the rise of swarm technology, which can leverage things like machine learning and AI to attack networks and devices has shown new potential. “Advances in swarm technology have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. .... Eventually, specialised bots, armed with specific functions, will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify attacks to compromise a target, or even multiple targets simultaneously.”

Weaponised 5G
As 5G works its way into everyday use, some experts reckon that the network, much like the aforementioned swarm technology, could be just as useful to cyber criminals as civilian mobile device users.

GDPR Could See DDoS Attacks Evolve
Some of the newest cyber-attacks may not be new in form, but rather the way in which it operates, which could be just as worrying to cyber security teams. “DDoS attacks have traditionally followed the well-trodden method of flooding servers and networks with huge volumes of internet traffics in order to overwhelm them,” said Mark Belgrove, Head of Cyber Consultancy at Exponential-e.  “GDPR empowers data subjects to request access to the data an organisation holds on them and, despite a maximum response time being stated in the regulation, many don’t allocate the required resources to handle such requests...
This brings other areas of the enterprise to a standstill." A 2019 report by Link11 found that DDoS attacks had tripled within the past year.

Advanced Malware
Belgrove went on to explain that cyber criminals using malware as a tactic were evolving from traditional methods. “Traditional keylogger malware is being replaced in some instances with advanced imitation JavaScript-based web browsers that simply record all sensitive data that is entered by an unsuspecting victim....The malware can still be activated via the same method, clicking on a link within a phishing email, for example, but instead of downloading a malicious file, users are faced with a working replica web browser that can fool the vast majority long enough for them to access a corporate application using their credentials."  

Attacks on Critical Infrastructure
The most vital personal data about is the data contained within critical infrastructure. This is a term that refers to systems that uphold the needs of society or the economy, and includes data associated with pharmaceuticals, real estate and finances.
According to Dave Weinstein, CSO at Claroty, this could be more of a target in the eyes of criminals behind the newest cyber-attacks. “Perhaps the most important techniques to be on the lookout for are those that aim to compromise user accounts with privileged access to operational technology (OT) networks and assets,” he said. “Techniques like password spraying and spearphishing are hardly new to the cyber threat landscape, but their use against critical infrastructure organisations, particularly in North America, suggested a concerted effort among select groups to gain access to these hardened targets."

“It’s important that asset owners and operators patch these systems and monitor all their industrial communications, especially those originating from remote sources.” Weinstein said 

Link11:       Claroty:       exponential-e:        Fortinet:       Cybreason:      New Statesman:    Fortanix:      Information-Age


You Might Also Read:

Attack Vectors Are Proliferating:

 


 

 

« Top Australian Spy Condemns Britain's Huawei Decision
Counting The Ways That AI Can Boost Business »

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 5,000+ specialist service providers.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Tenable Network Security

Tenable Network Security

Tenable Network Security - Need to Evolve to a Risk-Based Vulnerability Management Strategy but Don’t Know How? This Guide Will Show You.

Synology

Synology

Synology provides high-performance, reliable, and secure Network Attached Storage (NAS) products.

Dimension Data

Dimension Data

Dimension Data specialising in IT services in areas including network integration, data centres and managed security.

AppRiver

AppRiver

AppRiver is a global provider of cloud-based email and web security solutions that protect businesses worldwide from today's ever-changing online threats.

Tieto

Tieto

Tieto is the largest Nordic IT services company that provides full life-cycle services in areas including cybersecurity

Seavus

Seavus

Seavus is a software development and consulting company with a proven track-record in providing successful enterprise-wide business solutions including Managed Security Services.

MUSA

MUSA

The MUSA (MUlti-cloud Secure Applications) project is an EU funded-research project working in the areas of cloud and multi-cloud security.

Phoenix Cybersecurity

Phoenix Cybersecurity

Phoenix Cybersecurity Services and Managed Security Services help clients just like you take full advantage of leading cybersecurity technologies and industry best practices.

WebSec B.V.

WebSec B.V.

WebSec is a Dutch Cybersecurity firm mainly focused on offensive security services such as pentesting, red teaming and security awareness and phishing campaigns.