The best way to answer this question is to look back at what criminals have already done (and unfortunately they did it right) - because it allows us to try to predict the future without using a crystal ball. Cybercriminals are just like all of us in this regard. Discovered something that works? Do it again. And once more. In fact, they are always looking for gaps. Weaknesses.
'Defense Against Key Threats' is a Cisco report that provides details on five of last year's popular cyber threats. Why are we focusing on them? Not only because of their scale. We believe that the same or similar threats may appear in the near future.
What Dangers Are We Talking About?
- Emotet - a Malware Distribution Trojan
- VPNFilter - a Modular Threat to IoT
- Managing Mobile Devices Without Authentication
- Cryptocurrency Mining
- Olympic Destroyer - an Example of a Destructive Cyber Attack Campaign
The threats listed above represent specific trends. An example would be modular threats. They download plug-ins or other modules depending on the type of infected device or the target of the attack.
- The third step of VPNFilter infection was the use of plugins to help the attackers achieve their intended target.
- The Emotet Trojan's distribution system could encompass many types of software, from info stealers to ransomware, depending on the type of infected system.
- The successful installation of unauthenticated mobile device management profiles opens the door to malware installation attacks.
We identified many of these types of modular threats in 2020, and it will not be a big surprise if they reappear.
To get a full report about the dangers (about 10 minutes of reading), see here.
NEW: Proactive threat detection
It happens even to the best. You may have reliable antivirus software deployed in your environment, and yet an attacker will slip through the barriers. Often this is because of a weakness that did not seem critical or went unnoticed. Such an incident can teach humility and has been experienced by many security experts, though few would admit it.
And here comes the issue of proactive incident detection: activities to find threats that have managed to slip through walls and hide in a given environment.
The overarching goal of proactive threat detection is not only to identify threats but also to implement policies and strategies to take security-related actions. In fact, even the most successful searches do not stop when a threat is detected. Instead, they can pinpoint a weakness in the environment that needs to be addressed.
In the latest Cisco Cyber Threat Report, we provide an overview of the discipline behind proactive threat detection. We examine the basics and look at why it is worth doing, who should be involved in the process, and why, where, and when to look.
Here's What You Can Learn From the Report:
- What proactive threat detection gives you. It enables security professionals to proactively look for unknown threats, identify future weaknesses, and learn about the tools that are needed in the event of a security breach.
- How to assemble a competent threat detection team and what skill set it should have.
- How to recognize warning signs and tips for when an organization should start the proactive threat detection process.
- How to Hunt: Our researchers provide clear and concrete steps you can take, such as analyzing logs, paying attention to unusual user or device behavior, analyzing CPU spikes, and more.