Monday 21 September 2015

The face of hacking is changing – and it's getting uglier

Cyberattacks from Russia have increased because of sanctions related to the Ukraine while assaults from Iran have dropped over recent months, thanks to the recent Iran nuclear deal.

David DeWalt, FireEye chief exec, said these changes show how the diplomatic landscape affects what is happening in cyberspace, although the general trend is towards increased assaults. From tracking 50 or so offensive hacker groups years ago, FireEye is now monitoring 350 groups who are busy "stealing, disrupting and spying", according to DeWalt.

State-backed hackers in Russia work closely with cybercrime elements, such as the remnants of the infamous Russian Business Network, and have been active in targeting US retailers such as Target as well as equity and hedge money over the last years or so.

Assaults targeting credentials and log-in details, as well as assaults targeting supply chains rather than targeted organisations directly, are becoming more commonplace. Energy, government and aerospace are the industry verticals most on the front line, but most industry sectors are affected to a lesser or greater extent, according to FireEye.

The security firm estimates that the median time for firms to detect assaults is 205 days, or around seven months. It takes around a month (32 days) to respond to assaults. DeWalt said major breaches such as eBay, Adobe and, more recently, the US government's Office of Personnel Management leak are making the security situation worse.

In particular, FireEye has seen information harvested from a recent breach of the Sabre airline reservation process abused in follow-up assaults.

Stolen IDs and program vulnerabilities are hackers' main tricks. They were brought together over recent months in successful assaults that planted backdoored operating systems onto Cisco routers. These assaults were carried out remotely and used to redirect packets, according to DeWalt.

"Credential stealing or using credentials to carry out further assaults is the arms race we're in with attackers," DeWalt told El Reg, and ID dumps generate "huge issues downstream," they added.

El Reg caught up with DeWalt in the course of a FireEye briefing to regional press in Madrid. From being an also-ran years back, France has become the third largest target of APTs – advanced persistent threats – in the EMEA region over recent months. Israel (the largest target) and Saudi Arabia are both more attacked than organisations in France and the United Kingdom, according to FireEye's stats. The reason for Spain's prominence isn't clear, even to FireEye's promotion team. ®
