MyCena, Author at MyCena® - Page 15 of 44

BLOG

Read our blog articles, product news and announcements.

A cybersecurity expert has warned that ransomware gangs are investing their ill-gotten gains into making attacks more dangerous. Mikko Hyppönen, Chief Research Officer at WithSecure, declared that, until now, cybersecurity teams had the help of artificial intelligence systems designed to prevent attacks. Now, however, he says that criminals might be reinvesting their ransom gains to hire experts of their own. “Some of these groups have so much cash — or bitcoin, rather — that they could now potentially compete with legit security firms for talent in AI and machine learning”, he added. Hacker gang Conti, for example, earned around $180 million in cryptocurrency ransoms in 2021. Some of these profits are now being invested in AI expertise, zero-day exploits, and elite penetration testers. According to Hyppönen, this could create the most significant security threat in years.

Passwords are not as secure as many think – and it’s best if we don’t even know them. In a recent podcast, Julia O’Toole covered the weaknesses inherent in passwords – such as loss or theft – and steps that institutions should take to improve their defences. “There’s a big confusion in business in general, between authentication and identification,” said O’Toole, “but the confusion has really created a mismatch of solutions, which amplify the problem of access insecurity. So, when it comes to authentication itself, the misconception about passwords is that you actually need to know them.” By segmenting systems, taking password management out of users’ hands, and using proper authentication, companies can defend against the disastrous consequences of password loss. “No one needs to know a password ever”, O’Toole concluded.

The software supply chain saw a 51 per cent increase in cyber attacks in 2021, according to a new report. Large-scale attacks, like SolarWinds and Kaseya, made the headlines – but were single examples of a problem affecting thousands of companies. Attackers targeted supply chain firms for the publicity and large-scale disruption on offer. Where normal companies will see an attack confined only to their services, an attack on supply chain software has the potential to travel down the line to customers and partners. According to the report, supply chain companies have increased their IT defence budget by around 10 per cent to address security.

An attack on a Ukrainian satellite service has left the rest of the world anxious about future attacks. In February and March, the Ukrainian KA-SAT Viasat satellite network was the victim of a suspected Russian attack, adding to the ongoing ground war. The incident resulted in an interruption to connectivity, causing a period of disruption for clients and services. Now, the US has warned satellite providers worldwide to be on alert. Due to the success of the attack – and the potential for widespread disruption – a CISA-FBI advisory board has recommended that security teams increase defences where possible. The board also advised that attacks against critical infrastructure satellites were even more likely.

In late March, the infamous Lapsus$ hacking group posted a number of concerning messages online. In a series of posts, the group claimed to have obtained Microsoft source code from Bing Maps, Bing search engine, and Cortana. It also posted evidence that it had taken control of an administrator account at Okta, a network authentication provider. Okta provides services for tens of thousands of companies, including FedEx and some local councils. Eventually, it was revealed that Lapsus$ had gained access through a single Okta subcontractor employee’s account with elevated administrator privileges. The attack is another example of software supply chain access proving to be a critical security flaw.

Another established hacking group, FIN7, has begun to attack supply chain software through reused passwords, according to recent research. FIN7 gained notoriety in the 2010s for attacking point-of-sale devices with credit-card-stealing malware. However, they have now begun to target the supply chain – following the pattern set by many other hacking groups. This shows that FIN7 may now be prioritising ransomware as their main source of monetisation. The research revealed that FIN7’s main method of entry into systems was targeting password reuse, logging into an employee’s account once they had obtained the reused password. Once inside the system, they were then able to carry out their new attacks.