Hybrid cyberattacks – A new era of threat
In the ultimate dystopian novel, George Orwell’s “1984”, there is a chilling sentence towards the end of the book which reads, “The creatures outside looked from pig to man, and from man to pig, and from pig to man again; but already it was impossible to say which was which.”
The same can now be said for your common cyber-criminal and groups of state hackers. The ability to differentiate between the two is becoming more and more difficult as the two are increasingly impersonating one another in an attempt to cover their tracks and escape detection.
The most recent edition of the “Cyber Threat Intelligence Estimate”, from security solutions integrator Optiv Security of Denver, Colorado, states that cyber-criminals and nation-state owned or sponsored hackers are now learning from each other and improving at what they do, as they implement similar practices, spoof each other’s hacking plans and lay fake tracks to confuse investigators.
The Optiv report states:
“Sometimes
threat actors may masquerade as a certain type in order to hide their true
agenda. Or, threat actors may belong to two or more classes, switching between
them as their priorities change”.
The report finds that many vertical industries are still susceptible to constantly evolving cyber threats.
While businesses and organisations increasingly understand that cyber-security is an imperative asset to their success, this issue is rarely at the top of the corporate agenda despite the fact that just one, brief, effective cyber-incursion could bring an entire business down. Anthony Diaz, VP and general manager of cyber operations at Optiv says, “Cyber security can be an existential threat for organisations.”
The report discovers that retail, healthcare, government, and financial institutions are among the industries most vulnerable to verticals of cyber security attacks. The attackers also are developing in terms of sophistication as “hybrid threat actors” (those that pretend to be of a different threat classification to conceal their real identities) begin to thrive.
Old conventional attack methods (botnets, DDoS attacks, malware and phishing remain persistent threats but ransomware and “cryptojacking” are amid the new array of weapons in the hacker’s armories.
The painful fact is that cyberspace is increasing in terms of its hostility, hackers are now more refined than ever and hybrid threat actors are improving at defying detection methods and systems. Consequently, no vertical business is exempt from attack.
The new report recommends several instances of best practice including the employment of multi-factor authentication when possible, and conducting of frequent audits of all vendors and third-party assets, disposing of the ones that aren’t used any more.
The report also recommends that organisations take a proactive stance, rather than a reactive one in their approach to cyber security. When it comes to Cyberspace, shutting the stable door once the horse has bolted is pointless. The deed is done and the money (or the IP) has long gone. It is better and more cost effective to put the defenses up before an attack takes place rather than to try to recover when the assailants have come and gone. In today’s world, it is sadly a case of when, rather than if.