How Attackers Are Breaking Into Organizations Cybersecurity Dive 3889

How attackers are breaking into organizations – Cybersecurity Dive

Threat actors lean heavily on phishing attacks, vulnerabilities in software and containers, and stolen credentials, according to top cyber vendor research.
Threat actors are constantly on the lookout for new or more susceptible pathways to break in and gain access to an organization’s data or network.
While most points of intrusion are well known by cybersecurity professionals, they remain naggingly persistent. Phishing attacks, business email compromise, known software vulnerabilities and stolen or compromised credentials remain the most widespread initial vectors by which attackers gain access, according to research from IBM Security, Palo Alto Networks and VMware.
However, other means of attack are also on the rise. 
Application protocol interfaces, which allows software from multiple vendors or developers to connect and communicate with each other, represent the next frontier for attackers, according to VMware’s Global Incident Response Threat Report. VMware released the research during Black Hat USA in Las Vegas last week. 
Nearly one-quarter of all attacks compromise API security, the company’s annual survey of 125 cybersecurity and incident response professionals found. API attacks take many forms, but the top types include data exposure, SQL and API injections, and distributed denial-of-service, according to VMware. 
Malicious insider attacks represent another emerging and growing threat with 41% of respondents encountering such attacks during the last year, the report said.
These findings further support conclusions drawn by IBM Security’s research on data breaches and Palo Alto Networks’ Unit 42’s research on incident response. 
IBM categorized data breaches into 10 initial attack vectors. Stolen or compromised credentials were the most-common initial attack vector in 2022, accounting for nearly one in five data breaches studied. 
Data breaches were also caused by phishing attacks, cloud misconfigurations and vulnerabilities in third-party software, the IBM Security report said.
Software vulnerabilities accounted for nearly half of all cases of initial access used by threat actors to deploy ransomware during the last year, according to Unit 42’s report
Exploits of vulnerabilities in containers, a widely adopted cloud-native technology, also increased during the last year, according to VMware. Three-quarters of respondents said they encountered container vulnerability exploits compared to two-thirds in 2021, the report said.
Many of these attacks also carry a ransomware component. Almost 60% of respondents told VMware their organization experienced a ransomware attack during the last year, and two-thirds encountered affiliate programs or partnerships between ransomware groups.
Get the free daily newsletter read by industry experts
Addressing the causes of burnout requires a top-down approach that better aligns security teams with the rest of the business.
Companies trying to fill cybersecurity roles need to stop looking for unicorns and expand their search to qualified, but often overlooked, job candidates.  
Keep up with the story. Subscribe to the Cybersecurity Dive free daily newsletter
Keep up with the story. Subscribe to the Cybersecurity Dive free daily newsletter
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Want to share a company announcement with your peers?
Share your announcement
Addressing the causes of burnout requires a top-down approach that better aligns security teams with the rest of the business.
Companies trying to fill cybersecurity roles need to stop looking for unicorns and expand their search to qualified, but often overlooked, job candidates.  
The free newsletter covering the top industry headlines

source

Leave a Comment

Leave a Reply

Your email address will not be published.

PIXM Adds Cybersecurity Industry Veteran Julian Waits to Board of Directors – Business Wire

Cybersecurity: Winning the Battle Starts with the Front Lines | eWEEK – eWeek

Rebekah Jones to stand trial on cyber security charges in January – WUSF News

Promising Trends in Software Development for 2022 and Beyond – Startup.info