With the advent of IoT, cyber attacks are on the rise more than ever before. Almost 63% of cyber professionals insist that the frequency of cyber attacks is on the rise, especially over the last year. Indeed, almost 52% believe that these attacks cannot be stopped.
Here are five ways in which hackers are exploiting organizations and bypassing endpoint protection.
Script Based Attacks
In script-based attacks, malware in the form of scripts within existing applications is used to leverage Windows components such as PowerShell. These attacks are almost 35% successful, according to Ponemon. Not only are attackers able to be discreet in their method of attack, but most communications through this route are also well encrypted. According to a report by Symantec, the use of such malware increased by almost 1000% last year.
To catch these kinds of attacks, programmers must look for instances where common applications execute uncommon operations. That is to say, if one of the last thousand commands occurred fewer than five times, it could be the culprit.
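The rarity check described above, as an added example that is not part of the original article: it counts (parent application, child executable) pairs over the last thousand process-creation events and flags any pair seen fewer than five times. The event format, function names and sample log are assumptions constructed for illustration.

```python
from collections import Counter, deque

WINDOW = 1000     # "the last thousand commands"
RARE_BELOW = 5    # flag operations seen fewer than five times in that window

def child_name(command_line):
    """Executable name from a command line: path and arguments dropped, lower-cased."""
    text = command_line.strip()
    if text.startswith('"'):                  # quoted path that may contain spaces
        exe = text[1:].split('"', 1)[0]
    else:
        exe = text.split(None, 1)[0] if text else ""
    return exe.replace("\\", "/").rsplit("/", 1)[-1].lower()

def rare_operations(events, window=WINDOW, rare_below=RARE_BELOW):
    """events: (parent application, child command line) pairs, oldest first.
    Returns [(event, count)] for each event in the last `window` entries whose
    (parent, child executable) pair occurs fewer than `rare_below` times there."""
    recent = list(deque(events, maxlen=window))   # keep only the newest entries
    keys = [(parent.lower(), child_name(cmd)) for parent, cmd in recent]
    counts = Counter(keys)
    return [(ev, counts[k]) for ev, k in zip(recent, keys) if counts[k] < rare_below]

def sample_events():
    """Constructed process-creation log of 1000 entries (not real telemetry)."""
    events = [("explorer.exe", r'"C:\Program Files\Example\browser.exe" --new-window')] * 594
    events += [("winword.exe", r"C:\Windows\splwow64.exe 12288")] * 400
    events += [("excel.exe", r"C:\Windows\splwow64.exe 8192")] * 5   # exactly five: not flagged
    # A common application performing an uncommon operation, seen once.
    events.insert(700, ("WINWORD.EXE", "powershell.exe -NoProfile -File <constructed-placeholder>"))
    return events

if __name__ == "__main__":
    for (parent, cmd), seen in rare_operations(sample_events()):
        print(f"rare ({seen}x in window): {parent} -> {cmd}")
```

A flagged pair is a lead for triage rather than a verdict, since newly installed or seldom-used software is rare by the same measure.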
Phishing or hosting of malicious sites
Many security platforms prevent the clicking of malicious links by matching IP addresses and blacklisting these websites. However, if malicious content is hosted on platforms such as Azure or Google Cloud, with the aid of tools such as GitHub, it is hard to blacklist such widely used infrastructure.
Once this malware has been installed, it communicates back and forth with the command server in order to exfiltrate data. Since the attackers are mimicking normal human behaviour, attacks could be disguised in simple tools such as photos, with the encrypted code being pulled by the mere act of browsing social media. This is hard to catch for corporate security teams.
This technique of hiding commands in images is called steganography, and can even be used to hide messages in image attachments. Companies must follow a strict filtering policy in order to counter this.
Poisoning legitimate applications and utilities
Almost every cyber enterprise uses a multitude of third-party apps, tools and utilities to carry out its day-to-day operations. If hackers get into the companies that develop them, they can install malicious code and create backdoors. CCleaner is an example of one such utility that was tainted in a similar fashion.
Open source code is particularly vulnerable since it is not under the direct jurisdiction of the company. To counter this, companies often standardize the version number of the software used. They must also scrutinize the open source code, so they can remediate problems quickly.
Unpatched vulnerabilities
The city of Baltimore was recently hit by a ransomware attack. This is because some of the old city systems were running on legacy hardware that was not being consistently updated and hence was exposed to vulnerabilities. To counter this, companies must keep a scheduled patch system across all their machines. While a huge logistical task, it is not impossible.
Removal of security agents
The average device has almost ten security agents. However, that does not mean it is safe. The agents often overlap, collide and even interfere with one another. At any point, almost 7% of endpoints are missing protection. Even if this security is robust and up to date, hackers only need to gain a foothold in order to turn off these services. DoS attacks might be launched to overwhelm these agents. Once changes to the registry are made to escalate privileges, the attackers have gained full control. The only way to prevent this is by creating a more rigorous privilege hierarchy, according to Humberto Gauna.
Now more than ever, there are many different ways in which corporations must be on their guard. By utilizing a rigid defensive structure and intricate protocols, companies will be able to mount a better defense against these modern-day criminals.