Cybersecurity Wake-Up Call: Why All Businesses Must Prepare for the Inevitable Attack


Cybersecurity has emerged as a critical battle against a dynamic and pervasive global threat. The landscape is evolving rapidly, with adversaries increasingly gaining ground. The frequency and severity of cyberattacks are on the rise, affecting a wide array of enterprises, organizations, and essential infrastructure worldwide.

Many sectors are experiencing heightened vulnerability, prompting organizations to bolster their defenses and respond to unauthorized activities within their networks. The implications of these attacks are significant, often leading to operational disruptions and necessitating the involvement of external cybersecurity experts to mitigate the fallout.

This trend underscores a broader reality: businesses and organizations of all sizes face substantial risks in this digital age. As attacks grow more sophisticated and widespread, it is essential for every organization to draw valuable lessons from the evolving threat landscape and prioritize cybersecurity measures to safeguard their operations and data.

1) Even in this high-tech world, sometimes low-tech tricks can outsmart the best.

Adversaries have amassed an impressive toolbox of tactics for breaching networks, but phishing remains the most popular. This holds true for everyone – from the lone wolf attacker to nation-states. Why? Phishing is inexpensive, versatile, extremely simple to execute, and most importantly, devastatingly effective. Comcast Business data reveals that phishing is the predominant method used in cyberattacks, far surpassing other tactics. In 2023 alone, Comcast Business identified over 2.6 billion phishing interactions. A staggering 90% of these interactions were designed to lure victims to websites harboring malware. Furthermore, over 100,000 incidents led to domains and subdomains hosting the notorious Agent Tesla Remote Access Trojan.

Another common tactic is voice phishing, or “vishing,” a form of social engineering in which criminals go old-school and call their potential victims. In a vishing attack, criminals fool otherwise unsuspecting users or employees into handing over confidential or sensitive data.

Phishing and vishing excel at exploiting human nature to gain an initial foothold in breaching networks. This can enable adversaries to access domain servers and databases that yield credentials in bulk. Last year saw a surge in credential dumping activities, with over 295 million attempts.

Adversaries don’t go through all the trouble of breaching networks without a plan to remain inside. At a minimum, they install malware to scan for exploitable vulnerabilities and then decide whether a business is worth the additional effort. The ability to remain hidden increases a target’s value.

2) A potential breach is closer than you think.

Whether businesses know it or not, adversaries are testing networks, systems, and users for vulnerabilities daily. Attack attempts are inevitable and beyond an organization’s control.

If we’ve learned anything, it’s that hackers are relentless. Last year alone, we detected a staggering 29 billion attacks targeting customers. These attacks are designed to breach networks, move laterally within systems, escalate privileges, identify and exploit high-value assets, exfiltrate or destroy data, and disrupt critical operations.

Any adversary that obtains “legitimate credentials” becomes a powerful foe – one who can authenticate to applications, bypass security, escalate privileges, and conduct malicious activities at will. Comcast Business security logs indicate over 19 million initial access attempts through the exploitation of valid accounts.

3) The best defense is a good offense.

With so many factors outside of an organization’s control, it’s critical to focus on what can be done. Factors within an organization’s control include planning and preparing for attacks before they happen instead of dealing with the aftermath later. The fallout can be devastating.

Understanding trends around past security and data breaches is critical to avoid becoming a future victim. But knowing about the threats is only half the battle.

Technology teams today are best served through a comprehensive suite of powerful security solutions orchestrated to provide multiple layers of security, as well as managed security services provided by a trusted partner to augment or extend in-house capabilities.

Automated systems like Managed Detection and Response (MDR) solutions are efficient in detecting and mitigating advanced threats. Using AI and machine learning, these systems can identify suspicious activity, anomalies, and potential security breaches. Additionally, they can automate routine tasks like incident response and compliance reporting, saving time and reducing human error. In fact, our analysis of MDR and Endpoint Detection and Response (EDR) data shows how these services are essential for detecting and blocking advanced cyberattacks.

For most businesses, a cyberattack is not a matter of “if” but “when.” Everyone needs a strategy and a roadmap. Many organizations have discrete security controls that leave substantial gaps and residual risks. In the same way that attackers use multiple vectors to breach security controls, defenders must take a proactive approach to guard their digital realms. Only then can they begin to change the course of the battles that rage in cyberspace.

About the Author

Shena Seneca Tharnish is VP of Secure Networking and Cybersecurity Solutions for Comcast Business. She joined Comcast Business in 2017 after serving as SVP, Enterprise Network Infrastructure at PNC Bank for five years in Pittsburgh, PA, and as a senior leader at The Home Depot, Inc. for twelve years in Atlanta, GA. Shena has over 24 years of experience in Information Technology — leading and managing network engineering and application development services. Prior to joining The Home Depot, Tharnish worked as a network consultant with carriers MCI WorldCom and Concert Communications (BT/AT&T), designing wide area networks for businesses. Shena can be reached at our company website https://business.comcast.com/.

