Changing dynamics of cybersecurity

June 13, 2021


In the last 20 years, cybersecurity has certainly changed; in the last year, an evolution has occurred that is more frightening than the last 20 years combined.

 

In the past, a threat actor who could detect a flaw would attempt to exploit it for financial gain, using ransomware or leveraging the breach for data exfiltration and monetization on the dark web. In the last year, attacks have homed in on technology companies, and they are making headlines. The more technology- and cybersecurity-focused the company, the higher the profile when it is breached. After all, shouldn’t a cybersecurity company be the most secure organization?

The fascinating part is that the vast majority of them have implemented the best cybersecurity practices, hardening and monitoring that are practical for productivity and secure operations. Unfortunately, we have seen this is not enough.

 

So, it raises the question: how are threat actors now succeeding? The answer is a two-attack-vector approach that is relatively new to the industry.

The Old-School Approach

 

The old-school approach of scanning, phishing and hammering on resources to break in through the front door (or through some resource operated by an individual in the office or working from home) can be conducted against cloud resources, internet-facing on-premises resources and the plethora of devices and applications operated by employees, contractors and vendors. Over the last 20 years, we have focused on cybersecurity for these attacks, and these solutions have high effectiveness in mitigating the threats if implemented properly.

While no solution is 100% effective, these approaches form the best practices. However, they have failed in the last year — especially for technology companies.

 

The New-School Approach

 

The latest attack vector technology companies need to consider is the cybersecurity of the products they develop.

 

This is not a new threat, but these products are becoming a focal point for threat actors. The flaws, vulnerabilities, exploits and poor configurations present in the solutions companies bring to market are causing a world of pain for their clients and the manufacturers themselves.

While many companies have adopted secure code review, penetration testing of their products and best practices for patch management, threat actors have tailored their attacks to target vendors and the supply chain, and to compromise companies that have licensed their solutions. SolarWinds Orion is the most profiled breach based on this attack vector, but the trend is accelerating. Consider the new worm targeting Android users of WhatsApp. The application itself was identified to have a vulnerability, and malware was created to use WhatsApp as a mule to propagate the worm. Facebook, the owner of WhatsApp, was not targeted by threat actors but, rather, the product it produces. And beyond the other implications, the revenue impact of an exploited product flaw could be massive. SolarWinds, for instance, saw its stock lose nearly 40% of its value by January.

How To Respond

 

Thousands of technology vendors are ramping up their security to ensure this type of attack does not occur with their products. They are verifying build servers, certificates, API logs and many other potential sources for indicators of compromise through monitoring, and ensuring their products are tamper-resilient. But, as with attacks targeting a business, no remediation, mitigation or product testing will be 100% effective.

Threat actors are raising the bar, and they have found new low-hanging fruit to attack. If your technology-based products are weak and deployed by businesses and consumers around the world, threat actors may have just found a way to penetrate your business even if all the windows and doors are locked with proverbial hurricane shutters. They found their way in through the supplies and tools you used to keep you safe during a storm. We now have to consider two attacks: one on our business and one on the products we make.

Source: Forbes/Morey Haber




Sanketsahni
