Adversaries exploit supply chains, double down on COVID-19 and ransomware

By | 10:13 PM Leave a Comment

Supply chain attacks, ransomware, data extortion and nation-state threats prove to be more prolific than ever, a CrowdStrike report suggests.

exploit supply chains

eCrime attacks made up 79% of all intrusions (via hands-on-keyboard activity). Among a popular vector for cybercriminals is the supply chain as it allows malicious actors to propagate multiple downstream targets from a single intrusion.

Threat actors improving strategies to evade detection

Additionally, the report spotlights how nation-state adversaries infiltrated networks to steal valuable data seeking COVID-19 vaccine research, whereby threat actors have improved strategies to evade detection and camouflage in networks, many times deceiving their targets.

“There is a human being behind every attack, and cyber actors are getting bolder and more astute day-to-day. As such, it’s critical to employ comprehensive cloud-native technology for increased visibility and prevention capabilities including threat intelligence and expert threat hunting to stay one step ahead of modern day attacks.

“Additionally, today’s rapidly changing remote work environment highlights that identity protection is central to the defense of any enteprise’s infrastructure. Organizations must take decisive action to control access and protect data in order to outmaneuver adversaries,” said Adam Meyers, SVP of intelligence at CrowdStrike.

exploit supply chains

Other key findings

  • The healthcare industry will continue to face significant threats from criminal groups as 18 Big Game Hunting enterprise ransomware families were confimed infecting 104 healthcare organizations in 2020.
  • Adversaries from North Korea will be motivated to enhance cyber operations in 2021 due to COVID-19 and a resulting food shortage.
  • Data extortion techniques will continue to accelerate through the introduction of Dedicated Leak Sites (DLS).
  • China will focus on supply chain compromises and the targeting of key western verticals in support of the 14th Five Year Plan and the COVID-19 vaccine including academic, healthcare, technology, manufacturing and aerospace.

from Help Net Security https://ift.tt/3pEaJQA

0 comments:

Post a Comment