With the news increasingly being flooded with cyber attacks, and summer just around the corner, will this be the summer of Cybercrime
The news lately has been filled up with many, many cyber attacks that seem to be occurring of late. This just might go down as the “Summer of Cybercrime” as opposed to it being known as another summer in quarantine. Malicious actors look to be not taking holidays and are ramping up their attacks on organisations around the world. Let’s discuss this a bit further.
I’ve been in cybersecurity for 25 years now, and every year we seem to have said the past year was worse than the previous year. 2021 is shaping up to be much worse than all the previous years with some major issues occurring:
- Ransomware actors are feeling bullish and it appears we will not see any decline in their attacks. In fact we are now seeing more double, triple and even quadruple extortion attacks on organisations. Most concerning is they appear to be targeting many of our critical infrastructure businesses that could cause major disruptions for citizens.
- Nation-state tactics are now being adopted by cybercriminals.Nation-state actors are the most sophisticated and have resources and means to infiltrate any network they want, given enough time and effort. Cybercriminals have seen these successful tactics, techniques and procedures (TTPs) and have adopted them in their attacks too, which has led to unprecedented levels of success.
- Collaboration within the criminal undergrounds appears to be occurring more often than in the past. Access as a Service is fast becoming one of the most sought after service offerings within the undergrounds. This service is offered by elite threat groups who utilise #2 above to infiltrate many organisations networks around the world, and then sell this access to other cybercriminals. Our research into criminal undergrounds has seen much more interaction between actors and groups within these places and the buying and selling of all types of services is growing all the time within underground markets.
These factors all seem to be leading to a summer that could become very difficult for organisations who could be targeted by malicious actors. But not all is lost, the good news is there are a few things we would recommend to organisations to help minimise their risk of compromise in the near future:
- Review your security policies. Now is a good time to look at how you would respond to an attack, especially review your ability to rebuild infrastructure and systems in case they are compromised and brought offline, like in the case of a ransomware attack.
- Identify your critical business systems and data and build your defences around those first.
- Discuss and work with your security vendors to audit their solutions to ensure you have the latest builds and features enabled to protect against today’s threats.
Malicious actors are taking advantage of a few areas that many organisations struggle with and so discuss how you can improve your defences within these key areas:
- Attackers will target your accounts with brute force credential attacks and other means to obtain these account credentials. As such, enabling two-factor authentication or multi-factor authentication for all your administrator and critical application accounts can inhibit malicious actors using these accounts against you.
- Review the tools you use withing your organisation and regularly scan for these tools. Malicious actors live of the land whereby they use legitimate tools in their attacks. These tools are used across the entire attack lifecycle and at all stages of an attack. If you can identify legitimate versus illegitimate uses of these tools, you may be able to detect and block the rest of the attack.
- Patch your critical servers and applications. Vulnerabilities will continue to be exploited by cyber criminals using both 0-day and more often n-day exploits. Consider virtual patching to detect exploits and give you time to manage and deploy the full patches.
Let’s not allow this to become the summer of cybercrime by implementing these suggestions and ensure we don’t give these malicious actors more wins. I’m feeling better that as a world, we’re hopefully putting the pandemic behind us, but we are also improving the ways to ensure cyber-attacks and cybercrime do not thrive. We can all work together to make this happen, and we look forward to a fun, enjoyable 2021 summer.