Less than 15 days to go before the year ends but hackers are yet to take a break.
This week we heard how alleged state-backed hackers managed to use network management software updates to smuggle malware into the networks of government and corporate clients who downloaded the updates from an IT infrastructure management platform. The malware in this case can be used to conduct espionage on a grand scale.
According to Cybersecurity Ventures in 2021 there will be a cyberattack every 11 seconds. Also, according to them, by the measure of GDP, cybercrime will cost us enough to create the third-largest (virtual) economy in the world at USD 6.1 trillion. Hackers have engineered and re-engineered malware across domains and industries and have created a huge war chest to invest in improving the quality of cyberattacks in the near future.
Using domain fronting, hackers can trick servers into allowing malware-laden traffic on scales that have never been seen before. Here are the five things hackers got right this year:
- They exploited the confusion caused by the pandemic well and created new opportunities
- Ransomware R&D cycles were considerably shrunk which is why we saw a flood of ransomware in the last 6 months
- They attacked in waves with each wave bringing more complexity and stealth in the mode of attacks
- Use of new and more legitimate intermediaries to steal data: at least one site was found to ask users to share their credentials to check if they have been breached or not. The problem. The site was found to be operated by a company with a questionable background
- Phishing attacks became more sophisticated: from asking recipients to register for a vaccine to enforcing a government mandate, we saw it all this year
Hackers can shift focus easily, moving from one target to another. Unfortunately, you cannot move from one grade of cyber defense posture to another to outwit them that fast. Unless your cyber resilience posture is agile enough. Matching steps with hackers will help you prevent cyberattacks while staying a step ahead of them can help deter cyberattacks.
Subex has been helping our customers do just that across industries. As a leading IoT and OT cybersecurity vendor, we are today defending some of the toughest and hardest to secure installations in the world.
Our customers stayed safe while their counterparts turned victims throughout 2020.
Prayukth K V has been actively involved in productizing and promoting cross eco-system collaboration in the emerging tech and cybersecurity domains for over a decade. A marketer by profession and a published author, he has also proposed and promoted critical infrastructure protection strategies that rely on in-depth threat research and deflection strategies to deceive hackers and malware. Having been at the frontlines of cyber securing infrastructure, Prayukth has seen cyberattacks and defence tactics at close quarters.