OCTOBER 2021

efforts around the world.

Adversaries proved to be highly adaptable, creating waves of disruptive and sophisticated attacks. Attackers targeted the abundance of remote workers or learners outside the traditional network. They also showed renewed agility in attempts to target digital supply chains and even the core network.

The key highlights of the findings are an onslaught of ransomware that continued to haunt cyber experts, the supply chain taking centre stage, and adversaries targeting the online moves of users while the home branch office remained a constant target. Surprisingly, a cast of actors joined the global stage and, last but not least, the curve of vulnerability exploits flattened.

Looking deeper into each of them, the research showed a sevenfold increase in overall ransomware activity compared to the first half of 2020, with multiple trends responsible for the increase. The focus on big ransoms for big targets and the threat of disclosing stolen data if demands were not met combined to create the conditions for the massive growth in ransomware attacks.

In addition, with varying degrees of prevalence, the most active of the ransomware strains tracked were Egregor, Ryuk, Conti, Thanos, Ragnar, WastedLocker, Phobos/EKING and BazarLoader. The five sectors hit hardest were healthcare, professional services, consumer services, public sector, and financial services. Hence, organizations need to ensure data backups are timely, complete, and secured off-site. Zero-trust access and segmentation strategies should also be investigated to minimize risk.

On the other hand, supply chain attacks like the SolarWinds breach raised the discussion to new heights. Also, examining the most prevalent malware categories reveals the most popular techniques cybercriminals use to establish a foothold within organizations. The top attack target was Microsoft platforms, leveraging the documents most people use and consume during a typical workday, while web browsers continued to be another bottleneck. Employees who typically benefit from web-filtering services when browsing from the corporate network continue to find themselves more exposed when doing so outside that protective filter.

For a large part of the second half of 2020, exploits targeting IoT devices, such as those existing in many homes, were at the top of the list. APT (Advanced Persistent Threat) groups continue to exploit the COVID-19 pandemic in a variety of ways. The most common among them included attacks focused on gathering personal information in bulk, stealing intellectual property, and nabbing intelligence aligned with the APT group's national priorities. APT activity targeting organizations involved in COVID-19-related work rose towards the end of 2020. The targeted organizations included government agencies, pharmaceutical firms, universities and medical research firms.

Patching and remediation are ongoing priorities for organizations as cyber adversaries continue to attempt to exploit vulnerabilities for their benefit. Among all the exploits tracked over the last two years, only five were detected by more than 10 percent of organizations. All things being equal, if a vulnerability is picked at random, data shows that there is about a one in 1,000 chance that an organization will be attacked. Nearly six percent of exploits hit one percent of firms within the first month, and even after one year, 91 percent of exploits have not crossed that one percent threshold.

As the threat landscape has become omnipresent, with attacks on all fronts, it is important that threat intelligence remains central to understanding these threats and how to defend against evolving threat vectors. Every device creates a new network edge that must be monitored and secured. The use of AI and automated threat detection can enable organizations to address attacks immediately, and is necessary to mitigate attacks at speed and scale across all edges.

There is no doubt that cybersecurity user awareness training should remain a top priority, as cyber hygiene is not just the domain of IT and security teams. So start training your workforce regularly on the best practices to keep individual employees and the organization secure.