Cybercriminals Evolve Tactics to Launch More Deadly Attacks
Cybercriminals have been waging a constant campaign of ransomware attacks for years, introducing new malware components that threaten to take down entire systems. Statistics show that 71 percent of organizations were victims of ransomware by 2022. As malware continues to evolve, the biggest change in modern attack methods is brought about by the hackers themselves. They use new techniques that target organizations’ ability to plan and communicate, resulting in even more deadly attacks.
Coordinated Attacks
Hackers are using three to four different attack chains at the same time. Coordinated attacks combine phishing, spam, spoofing, and social engineering, giving attackers multiple attack vectors at once. This makes it difficult for an organization to respond efficiently. In addition, methods such as intermittent and transient encryption are a major threat to organizations because they create data quality issues and allow adversaries to use subtle tactics to stay under the radar.
Preparing for the Worst
The best defense is preparing for the worst, adopting a zero trust architecture and developing a strategy for rapid responses. There is a huge need for software and applications that can fight against cyber attacks at the speed of light. In order to take successful countermeasures, let’s first look at the biggest new threats.
Intermittent Encryption
Intermittent encryption, or partial encryption, is a new technique cybercriminals use to evade detection and damage the target’s files more quickly. Encrypting whole files takes a long time, so a cursory analysis can often spot this malware activity. The new attack methods instead encrypt only parts of each file on an intermittent basis, which is efficient and deceptive. This keeps CPU usage low and makes it more difficult for conventional and behavior-based ransomware detection tools to spot this type of activity.
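A defender's view of the technique above, as an added example that is not from the original article: a whole-file entropy check misses a partially encrypted file, while per-block entropy exposes the encrypted chunks. The block size, threshold, fixed-stride assumption, verdict names and sample data are all assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

BLOCK = 4096          # analysis granularity (assumption; tune per file type)
HIGH_ENTROPY = 7.5    # bits/byte; ciphertext sits close to 8.0

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def analyze(data: bytes) -> dict:
    """Compare whole-file entropy with per-block entropy."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    high = [i for i, b in enumerate(blocks) if shannon_entropy(b) >= HIGH_ENTROPY]
    ratio = len(high) / len(blocks) if blocks else 0.0
    gaps = {b - a for a, b in zip(high, high[1:])}
    if ratio == 0:
        verdict = "clean"
    elif ratio > 0.9:
        verdict = "fully-encrypted-or-compressed"
    else:
        # Assumption: intermittent encryption hits chunks at a fixed stride,
        # so one repeating gap is a stronger signal than mixed content alone.
        verdict = "intermittent-pattern" if len(gaps) == 1 and len(high) >= 3 else "mixed"
    return {"file_entropy": shannon_entropy(data), "high_ratio": ratio, "verdict": verdict}

def keystream(n: int) -> bytes:
    """Deterministic high-entropy bytes standing in for ciphertext (constructed)."""
    out = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))
    return out[:n]

def make_samples() -> dict:
    """Constructed inputs: plain text, every 4th block encrypted, all encrypted."""
    line = b"status=ok user=alice action=login src=10.0.0.5\n"
    plain = (line * (64 * BLOCK // len(line) + 1))[:64 * BLOCK]
    partial = bytearray(plain)
    for i in range(0, 64, 4):
        partial[i * BLOCK:(i + 1) * BLOCK] = keystream(BLOCK)
    return {"plain": plain, "partial": bytes(partial), "full": keystream(64 * BLOCK)}

if __name__ == "__main__":
    for name, data in make_samples().items():
        print(name, analyze(data))
```

Files that legitimately mix text with compressed data also produce a "mixed" result, so the verdict is a triage signal to correlate with other telemetry.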
Fileless Attacks
Fileless attacks are another way to evade detection, and one that nation-state attackers often use. These attacks rely on legitimate, publicly available software tools that can be found in a target’s environment. Threats can slip by if they avoid using process names or file hashes that are already flagged as dangerous indicators.
Vulnerabilities in VoIP
The popular “Lorenz ransomware” attacks exposed a vulnerability in voice-over-IP devices used as gateways to corporate telephone systems and computer networks. Experts say the Lorenz group has followed the “double exploitation” tactic: they sell the data they steal and provide access to victims’ systems to other online attackers.
Cybercrime-as-a-Service
The hacker community is diversifying. Recently, a cybercrime-as-a-service sector has emerged in which initial access brokers (IABs) hack organizations, steal credentials and sell access to other attackers. Selling this access is a lucrative business, and buyers can use it to launch more sophisticated attacks.
Organizations need to be aware of the new threats and take steps to protect themselves. Adopting a zero trust architecture and developing a strategy for rapid response is essential. Software and applications that can fight against cyber attacks at the speed of light are also needed. By understanding the new threats and taking the necessary steps, organizations can protect themselves from the most deadly attacks.