BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

The ‘New Normal’ Also Applies To The Cyber Threat Landscape

Following
This article is more than 2 years old.

There is a lot of talk about the “New Normal.” The way we live and work has fundamentally changed as organizations adopted work-from-home business models in response to the COVID-19 pandemic. Many of the changes that were initially intended as short-term band-aids are now being embraced by businesses and employees as the new standard. A new report from Deep Instinct examines cyber threat trends and suggests that threat actors also have their own “New Normal.”

Cyber Threat Landscape Report

Deep Instinct, a pioneer in applying deep learning to cybersecurity, recently shared its bi-annual Cyber Threat Landscape Report. The report is a reflection of Deep Instinct’s view of the current threat landscape based on analysis of data the Deep Instinct team has seen over the past year as they protect customers.

There is a lot of great insight and detail available in the report, but here are the 5 top takeaways:

· Supply Chain Attacks. Attackers are increasingly leveraging supply chain attacks to reach a widen the potential blast radius of an attack to a wider base of targets.

· High-Profile Attacks. There is a shift from long dwell-time attacks and a focus on stealth to more high-profile and high-impact attacks.

· Public / Private Sector Collaboration. One silver-lining trend has been the improved partnership between nation-states and between the public sector and private sector in the effort to combat cyber threats.

· Accelerated Zero-Day Exploits. Zero-day exploits are nothing new, but there seems to be a trend to accelerate efforts to develop and deploy exploits against zero-day vulnerabilities.

· Cloud Weak Link. Threat actors realize that digital transformation and the shift to a work-from-home business model have dramatically increased adoption of cloud services and SaaS (software-as-a-service) applications and they are focusing more attacks there.

One of the most important takeaways, though, is the recognition of what the “New Normal” means for the threat landscape going forward.

Shimon Oren, VP of Research and Deep Learning at Deep Instinct, declares in the report, “The ongoing transition of many organizations to a work-from-anywhere or hybrid work model has broadened and multiplied attack surfaces, in the process rendering defenses less active.”

Oren also notes, “Bad actors are clearly investing in anti-AI and adversarial attack techniques and integrating these methods into their larger evasion strategy.”

Expert Insight

I spoke with Oren about the Cyber Threat Landscape Report. I started by digging in a little on the issue of supply chain attacks. The SolarWinds and Kaseya attacks are two prime examples of threat actors compromising a target as a means to surreptitiously spread malicious code and gain access to a large pool of unsuspecting targets. I asked Oren to share more insight on what he sees with supply chain attacks.

Oren explained that past supply chain attacks have generally come from nation-state adversaries, but that he expects we will see a growing trend of cybercriminal threat actors embracing the tactic as well. He stressed, however, that these attacks require a level of patience and sophistication that average cybercriminals don’t have.

He told me, “That's the thing. A supply chain attack is something that takes time to develop and to be able to deliver in a way that's successful. But once you've done that, the impact is huge, and it's practically endless.”

We also talked about the prevalence of zero-day vulnerabilities—or at least the perception of their prevalence. Oren shared that he doesn’t necessarily believe there are more zero-day vulnerabilities today than in years past. He feels like we are just hearing about them and discovering them more frequently.

“The fact that we're finding those more is because they're being used more and not only by nation-states. The thing about a zero-day is, if I'm an attacker and I have a zero-day vulnerability, I need to be kind of careful about how I use that because if I use that too widely to carry out a very noisy attack, I'll lose that zero-day for certain right. If I have a very, very specific target? Fine. It's worth it. I can burn that zero-day on that target.”

The “New Normal” Threat Landscape

When I spoke with Deep Instinct CEO and co-founder Guy Caspi last year, he told me, “The whole idea behind Deep Instinct is to predict and prevent before something is going to infect you—before something is going to on your PC, mobile device, tablet, server, or whatever.”

That is why information like this is important. The value of a report like this is that it illustrates current threat trends so organizations can proactively prepare to stay ahead of the curve with the threat landscape.

It should be no surprise that Deep Instinct predicts that we are in for more supply chain attacks. The report also highlights other threats on the horizon, like the risk of VPN connections as a breach vector, the increased sophistication of defense evasion techniques by threat actors, the intense targeting of the health sector, and the rise of malware-as-a-service.

The report also cautions that threat actors are embracing the “New Normal” as well—and aggressively looking for weak links and areas of increased risk it exposes.

“According to a report by the Financial Stability Board, cybersecurity incidents had increased from 5,000 per week in February 2020 to more than 200,000 per week by late April 2021. Moreover, according to a report by BAE Systems, the pandemic forced companies to cut costs, reducing the cybersecurity budgets by 26% and forcing IT teams to focus on the challenges of remote work at the expense of cybersecurity. Even though the number of COVID-19 malspam is in decline, the pandemic is still a catalyst for malware spread.”

Cybercriminals are relentless—but more than that, they are opportunistic. As technology evolves and the attack surface shifts, cybercriminals are quick to adapt and change their tactics, techniques, and procedures accordingly. Organizations need to be aware of this and actively work to maintain effective cybersecurity and protect against emerging attacks.

You can check out the full Deep Instinct Cyber Threat Landscape Report here.

Follow me on LinkedInCheck out my website