One Article Review
| Source |  Anomali |
|---|---|
| Identifiant | 8293292 |
| Date de publication | 2022-12-21 05:11:00 (vue: 2022-12-21 06:06:44) |
| Titre | 2023 Anomali Predictions: New Risks to Put Added Pressure on Enterprise Defenders |
| Texte | Cybersecurity has a way of surprising us with the unexpected so I wouldn’t be surprised to see a completely new kind of security threat emerge in 2023. But as the ongoing cat-and-mouse game between attackers and defenders unfolds, certain scenarios are already coming into view. Why Threat Actors Will Love Pink Slips Amid growing economic uncertainty, many companies around the globe are tightening their belts and reducing headcount in advance of a possible economic recession. But as organizations brace for the worst, three related security risks now loom: 1. External attackers aren’t the only threats companies face. Insider threat incidents are up 44% in the past two years, as costs per incident have climbed more than a third to $15.38 million. But there’s new reason for concern since layoffs create insider threat risks – either in the form of disgruntled employees or among existing employees angry about corporate’s decision to let go of colleagues. That means more potential for theft or sabotage from within. 2. Staff reductions have unintended consequences on an organization’s security posture. When gaps in network defenses suddenly appear, the company now has fewer technical experts watching the situation. At the same time, the organization now has less visibility into the security status of its various products and systems. This presents a golden opportunity for professional threat actors searching out the path of least resistance. When they hear about layoff announcements at a particular firm, it doesn’t take very long before attackers start probing for security vulnerabilities. 3. Companies regularly get into trouble by failing to set up well-controlled and thorough off-boarding personnel procedures – particularly when it comes to senior or privileged users. Proper processes with verification of completion on user accounts, data, assets, etc. is critical. Also, don’t ignore the consequences of adding roles and responsibilities to remaining employees who may shoulder added responsibilities following a staff layoff. There are risks in maintaining segregation of duties and inadvertently creating ‘super users.’ This could pose an insider threat risk or present targets of opportunity for attackers looking to exploit ‘novices’ in new roles they have taken on. Commodity Malware and Tools Dominate Threat actor groups operate a profitable business selling increasingly complex malware and tools to would-be attackers, a trend that will continue in 2023, making it even harder for forensic investigators to determine the origin of attacks. All of which further underscores the importance of better threat intelligence to understand why certain actors are likely to target specific organizations and what malware and tools they might deploy. Supply Chain Is the Place to Be Cyber attackers stick with what works. So, after the run of big supply chain breaches in the last few years – SolarWinds 2020, Log4Shell 2021 and its variants into 2022 – expect more of the same in the new year. The too-common occurrence of trusted relationship abuse and supply chain attacks is a particular favorite of state-sponsored groups. Look for them to demonstrate patience and remain hidden as they go to great lengths to accomplish their objectives. None of this means that attackers are fated to have the advantage over defenders in 2023. But given their growing sophistication, it’s more important than ever to have fuller awareness of your assets and supply chain vectors. Pay close attention to shared development environments, where you work with 3rd parties and contractors in developing and maintaining your applications. Maintaining oversight over the security and access to these environments is key. Assure development practices and establish adequate segregation of code bases, data, and documentation. It’s hard to suffici |
| Envoyé | Oui |
| Condensat | $15 ‘super 2020 2021 2022 2023 3rd about abuse access accomplish accounts actor actors added adding adequate advance advantage after all already also amid among angry announcements anomali appear applications are aren’t around assets assure attackers attacks attention awareness base bases before belts better between big boarding brace breaches build business but cat certain chain climbed close code colleagues comes coming commodity common companies company completely completion complex concern consequences continue contractors controlled corporate’s costs could create creating critical cyber cybersecurity data decision defenders defenses demonstrate deploy determine developing development disgruntled documentation doesn’t dominate don’t duties economic either emerge employees enterprise environments establish etc even ever existing expect experts exploit external face failing fated favorite fewer fidelity firm following forensic form from fuller further game gaps get given globe golden great groups growing hard harder has have headcount hear hidden how ignore importance important inadvertently incident incidents increasingly insider integrity intelligence investigators it’s its key kind last layoff layoffs least lengths less let likely log4shell long look looking loom: love maintaining making malware many may means might million more mouse network new none now objectives occurrence off ongoing only operate opportunity organization organization’s organizations origin out over oversight particular particularly parties past path patience pay per personnel pink place pose possible posture potential practices predictions: present presents pressure privileged probing procedures processes products professional profitable proper put reason recession reducing reductions regularly related relationship remain remaining resistance responsibilities risk risks roles run sabotage same scenarios searching security see segregation selling senior set shared shoulder since situation slips solarwinds sophistication specific sponsored staff start state status stick suddenly sufficiently supply surprised surprising systems take taken target targets technical than theft them there’s these third thorough threat threats three tightening time too tools trend trouble trusted two uncertainty underscore underscores understand unexpected unfolds unintended user users variants various vectors verification very view visibility vulnerabilities watching way well what when where which who why will within work works worst would wouldn’t year years your |
| Tags | Malware Threat Prediction |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.