Most recent cyber criminal tactics include dynamic phishing, smishing (text message phishing), leveraging DNS infrastructure, quicker exploitation of new vulnerabilities, and evolving financial fraud campaigns
BlueVoyant, a cybersecurity company that illuminates, validates, and remediates internal and external risks in one platform, today released the findings of its new report, “Emerging External Cyber Defense Trends,” which highlights the risks organizations face from outside the traditional IT perimeters.
“As enterprises’ internal cybersecurity has become better defended and better monitored, cyber threat actors have evolved their tactics to focus on new methods of compromise, targeting a wider attack surface than ever before,” said Joel Molinoff, BlueVoyant’s global head of supply chain defense. “This report shines a spotlight on the latest cyber criminal techniques BlueVoyant’s threat intelligence has observed, plus recommended actions organizations can take to help prevent these threats.”
The report’s key findings focus on:
- Dynamic Phishing Tactics: Attackers increasingly evade detection by directing consumers to spoofed domains and presumed threat hunters to an error page. BlueVoyant found that redirections increased 240% in 2022.
- Leveraging Dynamic DNS Infrastructure: Cyber criminals increasingly use a new type of hosting provider to create and set up short-lived websites. This vector provides an opportunity for a low-cost, high-volume campaign that can be duplicated in future attacks, all without having to register a domain.
- Smishing: The use of SMS text messages to distribute phishing messages is on the rise as cyber attackers are increasingly abusing legitimate text messaging services to deliver phishing messages.
- Open Ports: With the rise of remote work from the COVID-19 pandemic, more employees need remote network access. Cyber criminals are increasingly scanning for the ports that allow this in order to gain a foothold into organizations’ networks. These ports, if misconfigured, are a common ransomware delivery method.
- The Need to Patch Quicker: Every week new vulnerabilities are discovered across multiple industries, and these vulnerabilities can quickly become a critical attack vector. Despite this, many organizations are slow to patch.
- Financial Fraud Campaigns: Cyber criminals are finding new ways to carry out financial fraud, such as using instant messaging to plan campaigns and sell stolen data, instead of dark web forums, which are known to be more easily accessible by law enforcement agencies, and therefore are considered less secure by many criminals.
“It has become harder for organizations to identify basic external-facing vulnerabilities and threats due to sheer volume, and threat actors are increasingly taking advantage of these exposures, pivoting and evolving their tactics to achieve their goals,” said Ron Feler, BlueVoyant’s global head of threat intelligence. “On top of this, organizations must now respond to potential threats much quicker as attackers have gotten quicker to exploit vulnerabilities.”
BlueVoyant undertook this research to raise awareness of cyber defense challenges organizations are facing and to help them better defend against attacks. The research was completed using trend data queries from BlueVoyant’s Supply Chain Defense and Digital Risk Protection solutions.
Supply Chain Defense continuously monitors clients’ vendors, suppliers, and other third parties for any vulnerabilities, and then works with those third parties to quickly resolve issues. The platform identifies enterprises’ internet-facing software vulnerabilities and other exploitable opportunities with techniques similar to those used by external cyber attackers while profiling prospective targets.
Digital Risk Protection goes outside the wire to find threats against clients on the clear, deep, and dark web, plus instant messaging applications. The platform has unique access to DNS data sets and cyber crime channels to find the latest cyber attacker techniques, tactics, and procedures, and to provide unlimited external remediation requests to help prevent financial loss and reputation damage.