- Get link
- X
- Other Apps
Lack of Strategy and Planning Promotes Security Risks
With the exponentially growing dependency on technology, the
need for robust cybersecurity to protect users as well as data and business
processes from hackers is increasing - says Vectra AI. However, the
increasing activity of cybercriminals has become a dilemma. The more
companies invest in data protection technologies, the more skilled
cybercriminals become. They change their attack methods and behavior to disappear into normal data traffic, bypass traditional network
controls, break into the infrastructure, and steal credentials.
Because of this constant push, Network Detection, and Response
(NDR) is an essential aspect of any leadership team today? Attacks
targeting Software-as-a-Service (SaaS) user accounts are one of the fastest-growing and most prevalent security problems today. This trend started
long before COVID-19 and has accelerated as more companies move to the cloud.
The
Disadvantages of Teleworking
When the workforce moved to work from home during the initial
lockdowns, the move to online collaboration and productivity tools was quick
but largely smooth. A by-product of this change is an increased volume of
much more sensitive data that is shared across multiple devices. In many
cases, this information is now vulnerable.
That's because current security approaches can lose track as
environments expand into the cloud, where users increasingly store multiple
accounts and access resources from both approved and unapproved devices. When
the boundaries between professional and private online interaction blur, the
exposure to cyber risks increases dramatically.
Reinforcement
of The Gaps in Defense Mechanisms
In the past, companies have relied on tightly controlled on-site
servers where network security solutions have largely protected data. With
more and more new devices accessing corporate and cloud networks, traditional
solutions have become vulnerable to greater risk activity and misuse of data in
cloud applications.
“The reality today is that private and trusted networks can no
longer be fully protected by traditional security solutions that focus solely
on the use of signatures and the detection of anomalies. Industry analysts
and experts agree that NDR is better suited to identify and stop attacks in the
modern data center infrastructure, ”reports Andreas Müller, Director DACH at
Vectra AI. "The introduction of NDR has gained
tremendous momentum through the correlation of attacker behavior and the course
of threats between cloud, hybrid and on-premises networks."
We know that cybercriminals are exploiting a larger attack surface and are becoming more and more advanced. It is therefore no longer enough to strengthen security at the network perimeter, especially when it comes to stopping clever attackers and speeding up detection. In fact, the idea of a network perimeter no longer exists as users can connect from anywhere.
In many organizations, security
technology focuses on user behavior, although the focus should be on attacker
behavior. This requires knowledge of what attackers can do on the
platforms instead of monitoring allowed users and what they are sharing while
looking out for malicious insiders. It is time to change perspective and
look at the bigger threat - the behavior of the attacker.
A
Lesson from Office 365
Observation of Microsoft Office 365 users shows how easy it is
for hackers to break into a company's network. Vectra AI's most
recent Spotlight Report on Office 365 gathered opt-in
data from four million Office 365 users worldwide and found that 96 percent of
customers exhibit malicious lateral movement behavior. This means that as
soon as a hacker gains access to an Office 365 account, the back door to a
corporate network opens and makes it vulnerable to attack. An example of
this is Microsoft Power Automate. Formerly Microsoft Flow, it was designed
to automate user tasks and save time. Power Automate is enabled by default
in Office 365.
“Unfortunately, Power Automate is a blind spot that creates
dangerous security vulnerabilities in Office 365. Research from the
Spotlight Report on Office 365 shows that 71 percent of customers display
suspicious behavior in Office 365 Power Automate, ”explains Andres Müller. Currently,
a Power Automate script can be set up so that it automatically takes all
attachments in an email and saves them in OneDrive. An attacker could then
compromise an account and use Power Automate to take these documents and
exfiltrate them into a Dropbox account.
Attackers have exploited this feature to assume an accounting
identity and switch from Office 365 to a device or on-site. They can then
log in as a specific user within Office 365 and start corrupting or
exfiltrating data, or moving sideways to find valuable assets to steal.
Adapt
Network Security to Changing Tactics
With NDR, organizations can see what attackers are doing, where
they are on the network, and quickly stop attacks before they become data
security incidents. NDR uses AI-derived machine learning algorithms to
identify early threat behaviors in hybrid, on-premises, and cloud environments. It
also automatically detects and prioritizes attacks that pose the greatest risk
to your business and triggers a real-time response to quickly mitigate threats.
To protect data and reduce cyber risks, companies must take a proactive rather than reactive approach to cybersecurity. It can
be a costly mistake to rely solely on outdated security at the network
perimeter. Today, NDR is a key cornerstone of cybersecurity best
practices.
Try Total Security Software to Prevent Cyber Attacks
“When it comes to strategic security investments in 2021, it is time to think about where the best value, line of defense will come from, and how organizations can better ensure they are protected. This is especially true because in this likely complex and critical year, companies will increasingly rely on hybrid, local, and cloud platforms for a range of different devices” concludes Andreas Müller from Vetra AI.
Comments
Post a Comment