It’s more than halfway through 2021, and it’s time to evaluate how the first half of the year went in terms of cyber threats. Large-scale incidents like those against Colonial Pipeline and SolarWinds have unfortunately set the stage for the year, causing widespread disruptions and costing these companies a lot of money. In some cases, cyber threats have gone beyond the enterprise level and stirred national security concerns.
A new report from Accenture analyzes the first half of 2021 and identifies four key trends that are affecting the IT (information technology) and OT (operational technology) landscapes. The first trend Accenture identifies in its 2021 Cyber Threat Intelligence Report is that criminals leveraging ransomware are getting more creative and testing new extortion methods. For instance, threat actors appear to be using higher-pressure tactics and targeting different industries, like critical infrastructure, as seen in the Colonial breach a couple of months ago.
Another trend Accenture identifies in its report is that Cobalt Strike-enabled attacks appear to be on the rise. Cybercriminals are increasingly using pirated versions of Cobalt Strike, a threat-emulation software, to enable campaigns such as the one against SolarWinds early this year. Accenture says it has seen the popularity of the tool surge in the first half of this year and organizations should be aware of it.
Enterprises must also be aware that “commodity malware,” malware that is free to download or available for purchase, can threaten both IT and OT environments. Accenture’s report suggests some threat actors are using commodity malware as a first stage to then deploy additional malware at the endpoint. Just because it’s widely available doesn’t mean these threats aren’t serious.
The fourth trend from the new Accenture report is that Dark Web activities, including forums that facilitate the sharing or trading of stolen data, criminal tactics, and tools of the trade, are adding significantly to the problem. For instance, Accenture says its team has observed an increase in threat actors selling malware logs to other threat actors, who can then use them to imitate legitimate network users and gain access to a system.
The 2021 Cyber Threat Intelligence Report also suggests steps enterprises can take to mitigate threats throughout the remainder of the year and beyond. For instance, to help reduce the impact of ransomware, organizations must focus on prevention through preparation and pre-encryption defense that will help nip attacks in the bud. Organizations can also commit to analyzing their networks for discovered Beacon watermarks in Cobalt Strike samples and familiarizing themselves with this and other trending cyber threats. Organizations must also patch endpoint systems, continually update their anti-virus software, and conduct regular phishing awareness programs for all staff members. Awareness can go a long way in creating basic protection.
Accenture also urges organizations to collaborate and report all cybersecurity incidents to authorities. In other words, don’t operate in a bubble. Don’t suffer alone, and don’t let others suffer like you’ve suffered if you’ve been victimized. The more the industry shares and reports, the greater threat awareness can be on a big-picture level and the better off everyone on the right side of the law will be. Finally, organizations should act now to prepare a business continuity plan to ensure operations can continue to run as smoothly as possible in the event of a cyberattack.