Dive Brief:
- One of the ways savvy hackers are preying on organizations is by taking advantage of encryption to "conceal command-and-control activity," according to the Cisco 2018 Annual Cybersecurity Report. Though encryption is meant to protect digital networks, hackers are finding leak paths, which are a "misconfigured connection created to the internet on an enterprise network," to install malware. As a result of rapid cloud adoption, leak paths are increasing.
- While network layer attacks are decreasing, application layer attacks are increasing. If hackers successfully infiltrate the application layer, which contains a variety of devices, "large portions" of the internet could be shut down, according to the report.
- Before 2017, ransomware could only spread through drive-by downloads, email or inserting a piece of corrupted hardware, such as a USB drive, into a device. Hackers have now created self-propagating attacks that can go undetected, as seen in WannaCry and Nyetya.
Dive Insight:
Hackers are frequently executing more sophisticated cyberattacks, targeting businesses of all sizes across sectors. Last year alone is a testament to how severe the impact of cyberattacks on critical infrastructure can be. A range of new kinds of attacks were carried out with no signs of diminishing, and this year will be no different.
Last summer, hackers were able to harness the capabilities of previous malware and combine them with optimized versions. WannaCry was derived from a wormable ransomware with automated capabilities. Following WannaCry, the world got another taste of self-propagating ransomware in Nyetya, also referred to as NotPetya.
However, much of the damage from these cyberattacks could have been prevented if basic security measures, like software updates, had been routinely applied. This is particularly true as both attacks took advantage of the known EternalBlue vulnerability. A weakness in or shortage of cybersecurity talent can also stall an organization's ability to implement the newest methods of protection.
In addition to propagating through outdated software, Nyetya used the supply chain to spread, another emerging trend seen in 2017: using vendors as an unknowing weapon to distribute malicious content to customers.
Many vulnerable consumers faced the CCleaner attack in September, when hackers were attempting to gain access to the intellectual property of major companies, including Microsoft and Cisco.
Basic security protocols are key to mitigating new threats. CIOs and IT departments should at the very least maintain an inventory of all devices and software on their networks to easily locate where a vulnerability may lie.