Attack Madness: The “Final Four” Cyber Threats According to Security Professionals
In the spirit of March Madness, we’re evaluating the types of cyberattacks that most concern our community of security experts. With approximately one million cyberattacks attempted per day, this “madness” takes on a whole new level for organizations looking to protect themselves against the next data breach.
We started with 16 competitors and now have our “Final Four” most concerning cyber threats – spear phishing, credential threats, fileless attacks and insider threats. Let’s examine why these attacks made the Final Four this year:
Due to the proliferation of social media platforms and our continued reliance on email, spear phishing has grown to be an understandable concern for security professionals. Cyber spies can learn an enormous amount from social media, which allows them to take advantage of the naivety of employees. The vulnerabilities are unlimited when individuals offer endless personal details on their social profiles, details that help recruit them as unwitting infiltrators within their organizations.
The insider threat can be the most difficult to identify. When trusted individuals with access to sensitive data go rogue and are compromised by an outsider, this is frequently not discovered until after a data breach occurs. To protect against these attacks, access to critical data should be limited, regular auditing must take place to reveal who has accessed this data (and when), and data leakage needs to be prevented by compartmentalizing important information.
Today’s cyber criminals launch highly targeted attacks to gain valid credentials and become ‘insiders’ within an organization’s network. That’s why credentials that are not properly managed offer an attractive target. Fairly cheap and effective, phishing is a common threat to an employee’s credentials. Its effectiveness depends on how well attackers can deceive employees, and with over 20 billion to 30 billion credentials on the dark web, we can’t help but witness its continued success.
Fileless attacks infiltrate existing vulnerable software that an end user relies on day to day. Using a successful exploit, attackers can gain control over native operating system tools or other applications that offer a level of execution freedom. This gives them the rights to carry out basic commands across a network that holds valuable data. According to a recent Carbon Black report, fileless attacks against global governments included indicators of compromise reported as attributable to the North Korean nation state, commonly referred to as HARDRAIN by U.S. government partners, the Department of Homeland Security and the FBI. Fileless malware uses routine software, applications, and protocols as a launching point for malicious activities; examples include Microsoft PowerShell, a scripting language that would typically be trusted but is targeted to get scripts to run remotely.
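Because the fileless paragraph above names PowerShell as a trusted tool that gets targeted, here is an added detection sketch (not from the original post or from Carbon Black) that triages process-creation events for PowerShell launches worth reviewing. The event tuples, parent-process lists and reason strings are constructed assumptions.

```python
# Added example: heuristic triage of PowerShell launches in process-creation telemetry.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
REMOTING_PARENTS = {"wsmprovhost.exe"}  # host process for WinRM / PowerShell remoting

# watched parameter -> (minimum prefix length, extra aliases); powershell.exe
# accepts abbreviated parameter names, so "-e", "-enc" and "-ec" all mean the same.
PARAMS = {"encodedcommand": (1, {"ec"}), "windowstyle": (1, set())}

def flagged_params(command_line):
    """Return the watched parameters present, resolving abbreviated forms."""
    found = set()
    for token in command_line.split():
        if token[0] not in "-/":        # parameters start with '-' or '/'
            continue
        t = token[1:].lower()
        for name, (min_len, aliases) in PARAMS.items():
            if t in aliases or (len(t) >= min_len and name.startswith(t)):
                found.add(name)
    return found

def triage(parent, image, command_line):
    """Return the reasons a process-creation event deserves analyst review."""
    if image.lower() not in {"powershell.exe", "pwsh.exe"}:
        return []
    reasons = []
    if parent.lower() in OFFICE_PARENTS:
        reasons.append("spawned by an Office application")
    if parent.lower() in REMOTING_PARENTS:
        reasons.append("spawned from a remoting session")
    params = flagged_params(command_line)
    if "encodedcommand" in params:
        reasons.append("encoded command")
    if "windowstyle" in params and "hidden" in command_line.lower():
        reasons.append("hidden window")
    return reasons

# Constructed sample events: (parent image, child image, command line).
EVENTS = [
    ("explorer.exe", "powershell.exe", "powershell.exe -File C:\\Scripts\\backup.ps1"),
    ("winword.exe", "powershell.exe", "powershell.exe -NoP -W Hidden -Enc <constructed-placeholder>"),
    ("services.exe", "svchost.exe", "svchost.exe -k netsvcs"),
    ("wsmprovhost.exe", "powershell.exe", "powershell.exe -NonInteractive -Command Get-Service"),
]

def review_queue(events):
    """Map event index -> reasons, keeping only events with at least one reason."""
    return {i: r for i, e in enumerate(events) if (r := triage(*e))}

if __name__ == "__main__":
    for index, reasons in review_queue(EVENTS).items():
        print(index, EVENTS[index][2], "->", ", ".join(reasons))
```

These are triage hints rather than verdicts: administrators also use encoded commands and remoting, so the output feeds a review queue and not an automatic block.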
Now it’s up to you to decide who deserves to win the championship! Spear phishing and insider threats have made it to the final two, and as we finish up this last week of match-ups, be sure to take our survey and identify which attack is the most threatening to organizations. Voting closes on Friday, April 12 – so click the link below (and share it!) to help crown the winner.
The post Attack Madness: The “Final Four” Cyber Threats According to Security Professionals appeared first on Carbon Black.