Five cyber defense strategies


In the past two years, attackers have managed to penetrate the systems of 78 percent of German companies. This is shown by the “Data Risk Management” study by Veritas Technologies. What's particularly concerning is that AI tools like WormGPT make it easier for attackers to refine their social engineering attacks through AI-generated phishing emails.

But that's not all: AI-controlled, autonomous ransomware attacks will continue to occur more frequently in 2024. Below, Veritas explains the effective methods and proven tips for defending against cyberattacks, especially with regard to ransomware.


Password hacking

Cybercriminals exploit security gaps and get hold of other people’s passwords. Brute force attacks, password lists from the dark web and common passwords such as “Password123” enable quick access to secured systems. To guess passwords based on personal information from social media, many hackers use social engineering methods. After a successful login, they bypass security controls and carry out lateral attacks to access critical data.
Therefore, passwords must be updated regularly, be at least twelve to 14 characters long and contain a combination of upper and lower case letters, numbers and symbols.

Phishing attacks

Cybercriminals often trick distracted employees into clicking malicious links. These links are used specifically to distribute malware, sabotage systems, or steal intellectual property. Various communication channels such as emails, text messages, social media and telephone calls are used for this purpose. A commonly used method is spear phishing. The attackers use information about a company or an employee to pose as a trustworthy source.
Actively training employees and encouraging them to adopt security practices proactively is critical. One focus is on training to recognize phishing methods and social engineering tactics.


Stolen passwords

User data, especially passwords, is often offered for sale on the dark web. The sale is lucrative. To obtain sensitive information, cybercriminals like to use the tactic of “shoulder surfing”: they observe how their victim enters usernames and passwords. After successfully penetrating systems, cybercriminals actively move between different environments to locate business-critical data, confidential information and backup systems. Implementing a company-wide zero trust approach offers companies a high level of protection and minimizes the attack surface.

Best practices include strong identity and access management (IAM) with multi-factor authentication (MFA). It is important to use role-based access control (RBAC), integrate biometrics for improved identification, and leverage hardware security keys. Access to data should only be permitted to authorized users. To increase security, a clear policy for changing user and application passwords on a regular basis should be implemented. Integration with privileged access management, such as CyberArk, plays a crucial role here. During data protection operations, critical systems should only actively retrieve passwords. An integration with an identity provider whose solution is based on SAML 2.0 opens up additional authentication options.

Man-in-the-middle attack

Sensitive data can also be stolen through a man-in-the-middle (MitM) attack. Usernames and passwords are intercepted in transit over the network connection. To prevent this type of attack, it is important that data is encrypted both in transit and at rest. Additional strategies include using a key management service with a tamper-resistant hardware security module (HSM) and adhering to cryptographic standards such as FIPS 140. Bring Your Own Encryption Key (BYOK) models make it easier to control and manage encryption keys.

Malicious insider

Insider threats can come from current or former employees. They are not always malicious; they can also arise from negligence, a security vulnerability that is increasingly causing disruptions. Effective countermeasures include access controls and the principle of least privilege: employees should only have the access rights that they need for their respective tasks. If an employment relationship is terminated, access rights must be changed.

Companies should also use systems to monitor network activity, file access and other relevant events. Regular audits can be used to identify suspicious activity. “Through comprehensive security solutions, companies not only support their IT professionals, but also strengthen the cyber resilience of their company. A multi-tiered approach with proven practices such as MFA, role-based access controls, data encryption and AI-driven security features is essential,” explains Ralf Baumann, Country Manager at Veritas Technologies. “To minimize downtime in the event of disruptions, recovery environments should be optimized. Therefore, it is critical to use devices that have additional layers of security, including immutable storage and built-in container isolation.”

More at Veritas.com

 


About Veritas

Veritas Technologies is a leading provider of secure multi-cloud data management. More than 80,000 customers – including 91 percent of Fortune 100 companies – rely on Veritas to protect, restore and ensure compliance with their data.

