The New Wave Of Attack Vectors

Uploaded on 2020-02-20 in NEWS-News Analysis, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

With cyber-attacks constantly developing and becoming more sophisticated, here are some of the current attacks that organisations should review and monitor. The cloud is now a common storage realm for companies that want to scale their data while making use of usually large capacities. 

Some of the newest cyber-attacks around right now are increasingly targeting the cloud, particularly cloud applications and Information Age has been talking to leading security experts

Attacks from Nation-States
Recent research by Microsoft found that over 8,000 of the company’s customers had been attacked by nation-state hackers in the space of a year. More than 8,000 of Microsoft’s enterprise customers have been targeted by nation-state hackers over the past year, new research has revealed. While the vast majority of incidents were not tied to political meddling, some instances “appear to be related to ongoing efforts to attack the democratic process”, according to Microsoft security chief Tom Burt.

Over the last 12 months, the majority of attacks observed by Microsoft’s researchers originated from a small number of threat groups located in Russia, Iran and North Korea.

The US and UK have become increasingly vocal in calling out nation-state attacks over the last two years. But efforts to create an international pact on cyber warfare have so far fallen flat. While a cyber security accord launched by France last year attracted more than 50 countries’ signatures, the US, Russia and China all refused to sign up. Microsoft President Brad Smith, who was one of the original champions of the new set of rules, said responsibility for peace in cyber space extended beyond just the tech industry. “While the tech sector has the first and highest responsibility to protect this technology and the people who rely upon it, this is an issue that requires that governments, companies and civil society come together,”

The WannaCry attack is a notable recent example of a cyber-attack that has been attributed to a nation-state, that being North Korea.

According to Sam Curry, CSO at Cybereason, this is a trend that likely to continue. “The malware being used by nation-state actors will have a disturbing trickle-down effect among dark actors,” he said. “The reality is that nation-state actors have a unique advantage over other threat actors in that they have effectively unlimited resources to accomplish their mission..."

Swarm Technology
Swarm technology refers to decentralised systems that use automation such as AI to operate without the need for human intervention. Named after the term that defines a group of insects and acting in a similar manner, although swarm tech has been known to have the potential to benefit society, some experts are wary of its possible cyber attacking capabilities as well.

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet, explained: “Over the past few years, the rise of swarm technology, which can leverage things like machine learning and AI to attack networks and devices has shown new potential. “Advances in swarm technology have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. .... Eventually, specialised bots, armed with specific functions, will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify attacks to compromise a target, or even multiple targets simultaneously.”

Weaponised 5G
As 5G works its way into everyday use, some experts reckon that the network, much like the aforementioned swarm technology, could be just as useful to cyber criminals as civilian mobile device users.

GDPR Could See DDoS Attacks Evolve
Some of the newest cyber-attacks may not be new in form, but rather the way in which it operates, which could be just as worrying to cyber security teams. “DDoS attacks have traditionally followed the well-trodden method of flooding servers and networks with huge volumes of internet traffics in order to overwhelm them,” said Mark Belgrove, Head of Cyber Consultancy at Exponential-e.  “GDPR empowers data subjects to request access to the data an organisation holds on them and, despite a maximum response time being stated in the regulation, many don’t allocate the required resources to handle such requests...
This brings other areas of the enterprise to a standstill." A 2019 report by Link11 found that DDoS attacks had tripled within the past year.

Advanced Malware
Belgrove went on to explain that cyber criminals using malware as a tactic were evolving from traditional methods. “Traditional keylogger malware is being replaced in some instances with advanced imitation JavaScript-based web browsers that simply record all sensitive data that is entered by an unsuspecting victim....The malware can still be activated via the same method, clicking on a link within a phishing email, for example, but instead of downloading a malicious file, users are faced with a working replica web browser that can fool the vast majority long enough for them to access a corporate application using their credentials."  

Attacks on Critical Infrastructure
The most vital personal data about is the data contained within critical infrastructure. This is a term that refers to systems that uphold the needs of society or the economy, and includes data associated with pharmaceuticals, real estate and finances.
According to Dave Weinstein, CSO at Claroty, this could be more of a target in the eyes of criminals behind the newest cyber-attacks. “Perhaps the most important techniques to be on the lookout for are those that aim to compromise user accounts with privileged access to operational technology (OT) networks and assets,” he said. “Techniques like password spraying and spearphishing are hardly new to the cyber threat landscape, but their use against critical infrastructure organisations, particularly in North America, suggested a concerted effort among select groups to gain access to these hardened targets."

“It’s important that asset owners and operators patch these systems and monitor all their industrial communications, especially those originating from remote sources.” Weinstein said 

Link11:       Claroty:       exponential-e:        Fortinet:       Cybreason:      New Statesman:    Fortanix:      Information-Age


You Might Also Read:

Attack Vectors Are Proliferating:

 


 

 

« Top Australian Spy Condemns Britain's Huawei Decision
Counting The Ways That AI Can Boost Business »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

enSilo

enSilo

enSilo secures customers data on premise or in the cloud. Regardless of the where the threat comes from, enSilo can protect your data.

RIPS Technologies

RIPS Technologies

RIPS Technologies delivers automated security analysis for PHP applications as platform independent software or highly scalable cloud service.

BankVault

BankVault

BankVault is a new type of cyber technology (called remote isolation) which sidesteps your local machine and any possible malware.

National Cyber Security Center (NCSC) - Hungary

National Cyber Security Center (NCSC) - Hungary

The National Cyber Security Center was established in 2015 by uniting the GovCERT-Hungary, National Electronic Information Security Authority (NEISA) and the Cyber Defence Management Authority (CDMA).

Incognito Forensic Foundation Lab (IFF Lab)

Incognito Forensic Foundation Lab (IFF Lab)

IFF Lab is a premier cyber and digital forensics lab in India that offers forensic services and solutions, cyber security analysis and assessment, IT support, training and consultation.

VIPRE Security Group

VIPRE Security Group

VIPRE Security Group is an award-winning global cybersecurity, privacy and data protection company.

Cyber Security & Cloud Expo

Cyber Security & Cloud Expo

The Cyber Security & Cloud Expo is an international event series in London, Amsterdam and Silicon Valley.

eResilience

eResilience

eResilience is a division of Referentia Systems, a pioneer in an ultra-secure information safeguarding technique known as “Enclaving”, in which data can be segmented and protected within a network.

Police CyberAlarm

Police CyberAlarm

Police CyberAlarm is a free tool to help members understand and monitor malicious cyber activity. This service is made up of two parts; monitoring and vulnerability scanning.

eMazzanti Technologies

eMazzanti Technologies

eMazzanti Technologies provides IT consulting services for businesses ranging from home offices to multinational corporations throughout the USA and internationally.

Datrix

Datrix

Datrix is a leading Smart Infrastructure and Cyber Security solutions provider. We deliver critical networking, communications and cyber security solutions to public and private sector organisations.

gener8tor

gener8tor

The gener8tor Cybersecurity Accelerator offers a cutting-edge program in San Antonio, home to the second-largest concentration of cybersecurity experts in the United States.

Nerds On Site

Nerds On Site

Nerds On Site provide on-site & in-home IT and technical support, managed IT services, and cyber security through our collaborative team of highly-trained IT and Security professionals.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.

Getvisibility

Getvisibility

Getvisibility enables customers to detect, classify and protect sensitive information increasing data security, governance, compliance and lowering the risk of losing valuable data.