Cyberattack – How Threat Actors are Targeting Enterprises amid COVID-19

38
Cyberattack – How Threat Actors are Targeting Enterprises amid COVID-19

The level of today’s digital attack surface is highly damaging, if internet-wide
telemetry and an enormous amount of internet data of an organization, is anything to go by.

Cyber-attacks across the globe are increasing, with the widespread telemetry and Big Data  usage. It is essential to realize that the modern corporate digital attack surface is letting  more attackers exploit data amid the COVID-19 crisis. Recently, RiskIQ has analyzed the   critical business concerns around the subject and published its latest report, titled – ‘Analysis of an Attack Surface: Five Ways Hackers are Targeting Organizations’. The research is a data-driven study of the company’s digital presence across multiple areas where they lack visibilities. As a result, malicious actors are exploiting these available blind spots.

The company’s unique technology and strategies have extracted terabytes of internet data   for mapping several associations between the internet-exposed infrastructures to assess   digital risk. As mentioned by Lou Manousos, CEO at RiskIQ – “Today, organizations are responsible for defending not only their internal network, but also their digital presence   across the internet and the cloud…Bringing the massive scope of an organization’s attack surface into focus helps frame the challenges of extending cybersecurity outside the   corporate firewall, especially as staff is forced to work from home in response to COVID-19  push that boundary farther out”

RiskIQ noted that while carrying out this research, their systems daily scanned hundreds of  unique ports and related service banners – spanning the IPv4 space, effecting billions of  HTTP requests. This helped to take in DNS data and take out web components like SSL   certificates, cookies, and tracking code. Some of the principal findings from the report are –

a] The worldwide attack surface is bigger than one could expect – The report found   2,959,498 new domains (precisely, 211,392 per day) and 772,786,941 new hosts   55,199,067 per day across the web in two weeks – each of them representing a potential target for the threat actors.

b] Hackers might know more about an attack surface than the company – Considering the attack surfaces of FTSE-30 companies, every firm had about 324 expired certificates and nearly 46 web frameworks (on average) with the known vulnerabilities.

c] Hidden attack surface – In Q1 of 2020, RiskIQ had identified around 21,496 phishing   domains spanning 478 unique brands.

d] Mobile attack surface – Last year, the researchers found 170,796 blacklisted mobile   applications across 120 mobile apps stores and on the open internet.

e] JavaScript Threats is the latest edge of cybercrime – As of now, in 2020, about 2,552 Magecart attacks were detected, which is 425 instances of Magecart per month.

Organizations need to understand how their system looks like from the outside-in.   therefore; it may be a good idea to develop an attack surface management program that   will enable businesses to find out information linked with their organization on the web. It   can get both legitimate and malicious details (if any), and can also inspect the targeted risks.