Symantec cybersecurity experts: The malware deployment is preceded by a reconnaissance with the AdFind tool. The victims are large organizations.
Carbon Black publishes the Quarterly Incident Response Threat Report” (QIRTR): Politically motivated cyber attacks from nation-state actors have contributed to an ominous increase in destructive aggressions
Politically motivated cyber attacks from nation-state actors have contributed to an ominous increase in destructive aggressions. Especially ahead of the 2018 Midterm elections. It has been discovered by Carbon Black cyber security experts in the “Quarterly Incident Response Threat Report” (QIRTR). The document, that aggregates qualitative and quantitative input from 37 Incident Response (IR) partners, revealed that the attacks are tailored to specific targets, cause system outages, and destroy data in ways designed to paralyze an organization’s operations. In fact, IR firms said that 32% of victims experienced destructive attacks (in the last report they were only 10%). The goal of the QIRTR is to offer actionable intelligence for business and technology leaders, fueled by analysis of the newest threats, and expert insights on how to stop them.
China and Russia remain responsible for nearly half of all cyber attacks, while Iran, North Korea and Brazil were also the origin of a significant number of them
According to the Carbon Black QIRTR, China and Russia remain responsible for nearly half of all cyber attacks (41%). Of 113 investigations our IR partners conducted in the third quarter, 47 stemmed from those two countries alone. While Iran, North Korea, and Brazil were also the origin of a significant number of recent attacks. Nearly two-thirds of IR professionals believe cyber attacks would influence the U.S. elections. Compounding the threat to elections are marketplaces on the dark web, offering several election-related items for sale, including voter databases, social-media influence campaigns and hackers willing to conduct espionage campaigns against the government. Moreover, the cyber security experts found that over half of IR firms encountered instances of attempted counter-incident response. Half of attacks leverage “island hopping,” (50%) whereby attackers target organizations with the intention of accessing an affiliate’s network.
The state-sponsored hackers leverage “Island Hopping” and the vulnerabilities in enterprise IoTs
Moreover, according the cyber security experts, a growing number of cyber attacks are now taking advantage of Internet of Things (IoT) vulnerabilities, and not just consumer devices. An alarming 38% of IR professionals saw attacks on enterprise IoT devices, which can be a point of entry to organizations’ primary networks, allowing island hopping. The result is that the attackers are increasingly punitive, sophisticated and confident. Tom Kellerman, Carbon Black’s Chief Cybersecurity Officer, explained that “These attackers aren’t just committing simple burglary or even home invasion — they’re arsonists.” But, despite the heightened threat, most organizations still lack the skilled security experts and don’t have the visibility they need to challenge these ever-evolving cyber attacks.