The New Wave Of Attack Vectors

Uploaded on 2020-02-20 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

With cyber-attacks constantly developing and becoming more sophisticated, here are some of the current attacks that organisations should review and monitor. The cloud is now a common storage realm for companies that want to scale their data while making use of usually large capacities. 

Some of the newest cyber-attacks around right now are increasingly targeting the cloud, particularly cloud applications and Information Age has been talking to leading security experts

Attacks from Nation-States
Recent research by Microsoft found that over 8,000 of the company’s customers had been attacked by nation-state hackers in the space of a year. More than 8,000 of Microsoft’s enterprise customers have been targeted by nation-state hackers over the past year, new research has revealed. While the vast majority of incidents were not tied to political meddling, some instances “appear to be related to ongoing efforts to attack the democratic process”, according to Microsoft security chief Tom Burt.

Over the last 12 months, the majority of attacks observed by Microsoft’s researchers originated from a small number of threat groups located in Russia, Iran and North Korea.

The US and UK have become increasingly vocal in calling out nation-state attacks over the last two years. But efforts to create an international pact on cyber warfare have so far fallen flat. While a cyber security accord launched by France last year attracted more than 50 countries’ signatures, the US, Russia and China all refused to sign up. Microsoft President Brad Smith, who was one of the original champions of the new set of rules, said responsibility for peace in cyber space extended beyond just the tech industry. “While the tech sector has the first and highest responsibility to protect this technology and the people who rely upon it, this is an issue that requires that governments, companies and civil society come together,”

The WannaCry attack is a notable recent example of a cyber-attack that has been attributed to a nation-state, that being North Korea.

According to Sam Curry, CSO at Cybereason, this is a trend that likely to continue. “The malware being used by nation-state actors will have a disturbing trickle-down effect among dark actors,” he said. “The reality is that nation-state actors have a unique advantage over other threat actors in that they have effectively unlimited resources to accomplish their mission..."

Swarm Technology
Swarm technology refers to decentralised systems that use automation such as AI to operate without the need for human intervention. Named after the term that defines a group of insects and acting in a similar manner, although swarm tech has been known to have the potential to benefit society, some experts are wary of its possible cyber attacking capabilities as well.

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet, explained: “Over the past few years, the rise of swarm technology, which can leverage things like machine learning and AI to attack networks and devices has shown new potential. “Advances in swarm technology have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. .... Eventually, specialised bots, armed with specific functions, will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify attacks to compromise a target, or even multiple targets simultaneously.”

Weaponised 5G
As 5G works its way into everyday use, some experts reckon that the network, much like the aforementioned swarm technology, could be just as useful to cyber criminals as civilian mobile device users.

GDPR Could See DDoS Attacks Evolve
Some of the newest cyber-attacks may not be new in form, but rather the way in which it operates, which could be just as worrying to cyber security teams. “DDoS attacks have traditionally followed the well-trodden method of flooding servers and networks with huge volumes of internet traffics in order to overwhelm them,” said Mark Belgrove, Head of Cyber Consultancy at Exponential-e.  “GDPR empowers data subjects to request access to the data an organisation holds on them and, despite a maximum response time being stated in the regulation, many don’t allocate the required resources to handle such requests...
This brings other areas of the enterprise to a standstill." A 2019 report by Link11 found that DDoS attacks had tripled within the past year.

Advanced Malware
Belgrove went on to explain that cyber criminals using malware as a tactic were evolving from traditional methods. “Traditional keylogger malware is being replaced in some instances with advanced imitation JavaScript-based web browsers that simply record all sensitive data that is entered by an unsuspecting victim....The malware can still be activated via the same method, clicking on a link within a phishing email, for example, but instead of downloading a malicious file, users are faced with a working replica web browser that can fool the vast majority long enough for them to access a corporate application using their credentials."  

Attacks on Critical Infrastructure
The most vital personal data about is the data contained within critical infrastructure. This is a term that refers to systems that uphold the needs of society or the economy, and includes data associated with pharmaceuticals, real estate and finances.
According to Dave Weinstein, CSO at Claroty, this could be more of a target in the eyes of criminals behind the newest cyber-attacks. “Perhaps the most important techniques to be on the lookout for are those that aim to compromise user accounts with privileged access to operational technology (OT) networks and assets,” he said. “Techniques like password spraying and spearphishing are hardly new to the cyber threat landscape, but their use against critical infrastructure organisations, particularly in North America, suggested a concerted effort among select groups to gain access to these hardened targets."

“It’s important that asset owners and operators patch these systems and monitor all their industrial communications, especially those originating from remote sources.” Weinstein said 

Link11:       Claroty:       exponential-e:        Fortinet:       Cybreason:      New Statesman:    Fortanix:      Information-Age


You Might Also Read:

Attack Vectors Are Proliferating:

 


 

 

« Top Australian Spy Condemns Britain's Huawei Decision
Counting The Ways That AI Can Boost Business »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Celestix Networks

Celestix Networks

Celestix is a global provider of secure network solutions that enable the simple deployment of secure remote access connectivity.

High Technology Crime Investigation Association (HTCIA)

High Technology Crime Investigation Association (HTCIA)

HTCIA was formed to provide education and collaboration to our global members for the prevention and investigation of high tech crimes.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

Micro Strategies Inc.

Micro Strategies Inc.

Micro Strategies provides IT solutions that help businesses tackle digital transformation in style.

BIND 4.0

BIND 4.0

Bind 4.0 is an acceleration program geared toward tech startups with solutions applied to Advanced Manufacturing, Smart Energy, Health Tech or Food Tech fields.

PAX Momentum

PAX Momentum

PAX Momentum is the Mid-Atlantic’s premier startup accelerator, specializing in cyber, enterprise software, telecom, CleanTech, FinTech, InsureTech, and AI.

HARMAN International

HARMAN International

HARMAN designs and engineers connected products and solutions for automakers, consumers, and enterprises worldwide.

IT Acceleration

IT Acceleration

IT Acceleration is a full-service IT management and support, IT compliance and Digital Forensics company.

In-Q-Tel (IQT)

In-Q-Tel (IQT)

IQT is the non-profit strategic investor that accelerates the development and delivery of cutting-edge technologies to U.S. government agencies that keep our nation safe.

Mindaro Insurance

Mindaro Insurance

Mindaro is adding the crucial piece of the cyber security puzzle that protects your organization from the financial ramifications of cyber attacks.

Aleo

Aleo

Aleo is building the world's leading developer platform for enabling absolute privacy on blockchains.

Topsec Cloud Solutions

Topsec Cloud Solutions

The Topsec Managed Email Security Platform eliminates Spam, Viruses, Malware, and Phishing.

Tenchi Security

Tenchi Security

Tenchi Security are specialized in Third-Party Cyber Risk Management (TPCRM) and aim to reduce information asymmetry when it comes to third and Nth-Party security and compliance risk management.

Appranix

Appranix

Appranix delivers Cloud App Resilience with app-centric entire cloud resources backup, restore, and cross-region disaster recovery.

Accompio

Accompio

Accompio offer comprehensive support in the digitalisation of your business processes.

X-PHY

X-PHY

X-PHY is a pioneering cybersecurity company dedicated to hardware-based cybersecurity solutions that protect data at its core.