Warning: Undefined array key "HTTP_ACCEPT_LANGUAGE" in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/load.php on line 2057

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the rank-math domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u596154002/domains/usbusinessreviews.com/public_html/wp-includes/functions.php on line 6114
Cybersecurity: These countries are the new hacking threats to fear as offensive campaigns escalate - Best Business Review Site 2024

Cybersecurity: These countries are the new hacking threats to fear as offensive campaigns escalate

[ad_1]

The number of hostile nation-state hacking operations is rising as new countries invest in cyber-intrusion campaigns and existing state-backed attack groups take advantage of the rise in organisations adopting cloud applications.

Crowdstrike’s 2022 Global Threat Report details how the cyber-threat landscape has evolved during the past year. One of those developments is the rise of new countries engaging in offensive cyber operations, including Turkey and Columbia.

In accordance with Crowdstrike’s naming conventions, attacks by Turkish-linked groups are detailed as attacks by ‘Wolf’ while attacks by Columbian operations have been Dubbed ‘Ocelot’ – in a similar way to how cybersecurity researchers name Russian government-backed activity ‘Bear’ or Chinese hacking groups ‘Panda’.

SEECloud security in 2021: A business guide to essential tools and best practices

Activity by one of these new groups is detailed in the report; a Turkish-based hacking group, dubbed Cosmic Wolf by researchers, targeted data of an unspecified victim stored within an Amazon Web Services (AWS) cloud environment in April 2021.

The attackers were able to break into the AWS cloud environment using stolen usernames and passwords, which also provided the attackers with the privileges required to alter command lines. That means they were able to alter security settings to allow direct Secure Shell Protocol (SSH) access to AWS from their own infrastructure, enabling the theft of data.

Ultimately, countries are seeing that cyber campaigns can be easier to conduct than traditional espionage and are investing in these techniques.

“There are a lot of countries out there that look at this and realise it’s cheaper, it’s easier and it’s got plausible deniability built into it,” Adam Meyers, senior vice president of Intelligence at Crowdstrike, told ZDNet.

“That’s what’s happening – we’re seeing more countries have developed these programmes and they’re going to get better at it over time.”

One of the reasons countries are increasing their offensive cyber capabilities is due to the impact of the global pandemic. Lockdowns and stringent travel checks made it harder for traditional espionage techniques to be effective, leading towards investment in cyber operations.

“It’s created a little bit more demand or accelerated planning around developing cyber capabilities for some of these countries that would have perhaps relied on other means previously,” said Meyers.

The shift towards cloud applications and cloud IT services has also played an unwitting role in making cyberattacks easier. The rise of hybrid working means many employees aren’t based in an office, instead connecting remotely via collaborative applications, VPNs and other services – using a username and password.

SEE: A winning strategy for cybersecurity (ZDNet special report)

That makes being productive while working remotely simpler for employees – but it’s also made things simpler for hacking groups, who can secretly access networks with a stolen – or guessed – username and password.

Some of the biggest cybersecurity incidents of recent years, like the SolarWinds and Microsoft Exchange attacks, have demonstrated how an attack targeting cloud services and cloud supply chains could be powerful, particularly if cloud is misconfigured or poorly monitored.

“As organisations are moving to the cloud and looking to develop better capabilities, threat actors are moving there as well,” said Meyers.

There are, however, steps that organisations can take to help make their networks and their cloud infrastructure more resistant to cyberattacks, including the adoption of a zero-trust strategy of not trusting devices connecting to the network by default.

The research paper also recommends that organisations work towards eliminating misconfigurations in their cloud applications and services by setting up default patterns for setting up cloud, so when new accounts are set up, it’s done in a predictable manner, minimising the possibility of human error going undetected. Cloud architecture should also be monitored and maintained with security updates, like any other software.  

MORE ON CYBERSECURITY

[ad_2]

Source link

slot gacor slot gacor togel macau slot hoki bandar togel slot dana slot mahjong link slot link slot777 slot gampang maxwin slot hoki slot mahjong slot maxwin slot mpo slot777 slot toto slot toto situs toto toto slot situs toto situs toto situs toto situs toto slot88 toto slot slot gacor thailand slot bet receh situs toto situs toto slot toto slot situs toto situs toto situs toto situs togel macau toto slot slot demo slot pulsa slot pragmatic situs toto deposit dana 10k surga slot toto slot link situs toto situs toto slot situs toto situs toto slot777 slot gacor situs toto slot slot pulsa 10k toto togel situs toto slot situs toto slot gacor terpercaya slot dana slot gacor pay4d agen sbobet kedai168 kedai168 deposit pulsa situs toto slot pulsa situs toto slot pulsa situs toto situs toto situs toto slot dana toto slot situs toto slot pulsa toto slot situs toto slot pulsa situs toto situs toto situs toto toto slot toto slot slot toto akun pro maxwin situs toto slot gacor maxwin slot gacor maxwin situs toto slot slot depo 10k toto slot toto slot situs toto situs toto toto slot toto slot toto slot toto togel slot toto togel situs toto situs toto toto slot slot gacor slot gacor slot gacor situs toto situs toto cytotec toto slot situs toto situs toto toto slot situs toto situs toto slot gacor maxwin slot gacor maxwin link slot 10k slot gacor maxwin slot gacor slot pulsa situs slot 10k slot 10k toto slot toto slot situs toto situs toto situs toto bandar togel 4d toto slot toto slot