The New Wave Of Attack Vectors

With cyber-attacks constantly developing and becoming more sophisticated, here are some of the current attacks that organisations should review and monitor. The cloud is now a common storage realm for companies that want to scale their data while making use of usually large capacities. 

Some of the newest cyber-attacks around right now are increasingly targeting the cloud, particularly cloud applications and Information Age has been talking to leading security experts

Attacks from Nation-States
Recent research by Microsoft found that over 8,000 of the company’s customers had been attacked by nation-state hackers in the space of a year. More than 8,000 of Microsoft’s enterprise customers have been targeted by nation-state hackers over the past year, new research has revealed. While the vast majority of incidents were not tied to political meddling, some instances “appear to be related to ongoing efforts to attack the democratic process”, according to Microsoft security chief Tom Burt.

Over the last 12 months, the majority of attacks observed by Microsoft’s researchers originated from a small number of threat groups located in Russia, Iran and North Korea.

The US and UK have become increasingly vocal in calling out nation-state attacks over the last two years. But efforts to create an international pact on cyber warfare have so far fallen flat. While a cyber security accord launched by France last year attracted more than 50 countries’ signatures, the US, Russia and China all refused to sign up. Microsoft President Brad Smith, who was one of the original champions of the new set of rules, said responsibility for peace in cyber space extended beyond just the tech industry. “While the tech sector has the first and highest responsibility to protect this technology and the people who rely upon it, this is an issue that requires that governments, companies and civil society come together,”

The WannaCry attack is a notable recent example of a cyber-attack that has been attributed to a nation-state, that being North Korea.

According to Sam Curry, CSO at Cybereason, this is a trend that likely to continue. “The malware being used by nation-state actors will have a disturbing trickle-down effect among dark actors,” he said. “The reality is that nation-state actors have a unique advantage over other threat actors in that they have effectively unlimited resources to accomplish their mission..."

Swarm Technology
Swarm technology refers to decentralised systems that use automation such as AI to operate without the need for human intervention. Named after the term that defines a group of insects and acting in a similar manner, although swarm tech has been known to have the potential to benefit society, some experts are wary of its possible cyber attacking capabilities as well.

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet, explained: “Over the past few years, the rise of swarm technology, which can leverage things like machine learning and AI to attack networks and devices has shown new potential. “Advances in swarm technology have powerful implications in the fields of medicine, transportation, engineering, and automated problem solving. .... Eventually, specialised bots, armed with specific functions, will be able to share and correlate intelligence gathered in real-time to accelerate a swarm’s ability to select and modify attacks to compromise a target, or even multiple targets simultaneously.”

Weaponised 5G
As 5G works its way into everyday use, some experts reckon that the network, much like the aforementioned swarm technology, could be just as useful to cyber criminals as civilian mobile device users.

GDPR Could See DDoS Attacks Evolve
Some of the newest cyber-attacks may not be new in form, but rather the way in which it operates, which could be just as worrying to cyber security teams. “DDoS attacks have traditionally followed the well-trodden method of flooding servers and networks with huge volumes of internet traffics in order to overwhelm them,” said Mark Belgrove, Head of Cyber Consultancy at Exponential-e.  “GDPR empowers data subjects to request access to the data an organisation holds on them and, despite a maximum response time being stated in the regulation, many don’t allocate the required resources to handle such requests...
This brings other areas of the enterprise to a standstill." A 2019 report by Link11 found that DDoS attacks had tripled within the past year.

Advanced Malware
Belgrove went on to explain that cyber criminals using malware as a tactic were evolving from traditional methods. “Traditional keylogger malware is being replaced in some instances with advanced imitation JavaScript-based web browsers that simply record all sensitive data that is entered by an unsuspecting victim....The malware can still be activated via the same method, clicking on a link within a phishing email, for example, but instead of downloading a malicious file, users are faced with a working replica web browser that can fool the vast majority long enough for them to access a corporate application using their credentials."  

Attacks on Critical Infrastructure
The most vital personal data about is the data contained within critical infrastructure. This is a term that refers to systems that uphold the needs of society or the economy, and includes data associated with pharmaceuticals, real estate and finances.
According to Dave Weinstein, CSO at Claroty, this could be more of a target in the eyes of criminals behind the newest cyber-attacks. “Perhaps the most important techniques to be on the lookout for are those that aim to compromise user accounts with privileged access to operational technology (OT) networks and assets,” he said. “Techniques like password spraying and spearphishing are hardly new to the cyber threat landscape, but their use against critical infrastructure organisations, particularly in North America, suggested a concerted effort among select groups to gain access to these hardened targets."

“It’s important that asset owners and operators patch these systems and monitor all their industrial communications, especially those originating from remote sources.” Weinstein said 

Link11:       Claroty:       exponential-e:        Fortinet:       Cybreason:      New Statesman:    Fortanix:      Information-Age


You Might Also Read:

Attack Vectors Are Proliferating:

 


 

 

« Top Australian Spy Condemns Britain's Huawei Decision
Counting The Ways That AI Can Boost Business »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Techmeme

Techmeme

Techmeme is an online news curation service focused on leading edge technology, including cyber security.

CloudPassage

CloudPassage

CloudPassage, a cloud security and compliance pioneer, safeguards cloud infrastructure for the world’s best-recognized brands.

ControlCase

ControlCase

ControlCase provide solutions that address all aspects of IT-GRCM (Governance, Risk Management and Compliance Management).

Aeriandi

Aeriandi

Aeriandi is a leading provider of hosted PCI security compliance solutions for call centres, trusted by high street banks and major Telcos.

HelseCERT

HelseCERT

HelseCERT is the health and care sector's national information security center for Norway.

Evidence Talks Ltd

Evidence Talks Ltd

A leading forensic computing authority developing unique digital forensic technologies. Tools that detect potential terrorists & criminals & used by the military, enforcement & intelligence commmunity

NSEIT

NSEIT

NSEIT offers end-to-end Information Technology products, solutions and services including cybersecurity to organizations in the financial sector.

Expanse

Expanse

Expanse SaaS-delivered products plus service expertise reduce your internet edge risk to prevent breaches and successful attacks.

MicroSec

MicroSec

MicroSec is a company specializing in IoT security. We focus on bringing enterprise grade security to IoT and embedded systems.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

Mirai Security

Mirai Security

Mirai Security are a cyber security company that specializes in Governance, Risk Management and Compliance, Cloud Security and Application Security.

Bit Sentinel

Bit Sentinel

Bit Sentinel is an information security company. We help companies like yours discover, prioritize, and effectively remediate potential cybersecurity risks.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.

Institute for Applied Network Security (IANS)

Institute for Applied Network Security (IANS)

For the security practitioner caught between rapidly evolving threats and demanding executives, IANS Research is a clear-headed resource for decision making and articulating risk.

Sunnic

Sunnic

Sunnic is a leading provider of comprehensive digital data security technology.

XONA

XONA

XONA is The Zero Trust user access platform for the OT enterprise. Secure operational access to critical systems - from anywhere.