Connect with us

News

Key IT security trends that are expected to shape 2021: Sophos

Published

on

NEW DELHI: British security software and hardware company Sophos said that it has published the Sophos 2021 Threat Report, which flags how ransomware and fast-changing attacker behaviors, from advanced to entry level, will shape the threat landscape and IT security in 2021.

The report, written by SophosLabs security researchers, as well as Sophos’ threat hunters, rapid responders, and cloud security and AI experts, provides a three-dimensional perspective on security threats and trends, from their inception to real-world impact.

Three key trends analyzed in the Sophos 2021 Threat Report include:

1. The gap between ransomware operators at different ends of the skills and resource spectrum will increase. At the high end, the big-game hunting ransomware families will continue to refine and change their tactics, techniques and procedures (TTPs) to become more evasive and nation-state-like in sophistication, targeting larger organizations with multimillion-dollar ransom demands. In 2020, such families included Ryuk and RagnarLocker. At the other end of the spectrum, Sophos anticipates an increase in the number of entry level, apprentice-type attackers looking for menu-driven, ransomware-for-rent, such as Dharma, that allows them to target high volumes of smaller prey.

Another ransomware trend is “secondary extortion,” where alongside the data encryption the attackers steal and threaten to publish sensitive or confidential information, if their demands are not met. In 2020, Sophos reported on Maze, RagnarLocker, Netwalker, REvil, and others using this approach.

“The ransomware business model is dynamic and complex. During 2020, Sophos saw a clear trend towards adversaries differentiating themselves in terms of their skills and targets. However, we’ve also seen ransomware families sharing best-of-breed tools and forming self-styled collaborative ‘cartels,’” said Chester Wisniewski, principal research scientist, Sophos. “Some, like Maze, appeared to pack their bags and head for a life of leisure, except that some of their tools and techniques have resurfaced under the guise of a newcomer, Egregor. The cyberthreat landscape abhors a vacuum. If one threat disappears another one will quickly take its place. In many ways, it is almost impossible to predict where ransomware will go next, but the attack trends discussed in Sophos’ threat report this year are likely to continue into 2021.”

2. Everyday threats such as commodity malware, including loaders and botnets, or human-operated Initial Access Brokers, will demand serious security attention. Such threats can seem like low level malware noise, but they are designed to secure a foothold in a target, gather essential data and share data back to a command-and-control network that will provide further instructions. If human operators are behind these types of threats, they’ll review every compromised machine for its geolocation and other signs of high value, and then sell access to the most lucrative targets to the highest bidder, such as a major ransomware operation. For instance, in 2020, Ryuk used Buer Loader to deliver its ransomware.

“Commodity malware can seem like a sandstorm of low-level noise clogging up the security alert system. From what Sophos analyzed, it is clear that defenders need to take these attacks seriously, because of where they might lead. Any infection can lead to every infection. Many security teams will feel that once malware has been blocked or removed and the compromised machine cleaned, the incident has been prevented,” said Wisniewski. “They may not realize that the attack was likely against more than one machine and that seemingly common malware like Emotet and Buer Loader can lead to Ryuk, Netwalker and other advanced attacks, which IT may not notice until the ransomware deploys, possibly in the middle of the night or on the weekend. Underestimating ‘minor’ infections could prove very costly.”

3. All ranks of adversaries will increasingly abuse legitimate tools, well known utilities and common network destinations to evade detection and security measures and thwart analysis and attribution. The abuse of legitimate tools enables adversaries to stay under the radar while they move around the network until they are ready to launch the main part of the attack, such as ransomware. For nation-state-sponsored attackers, there is the additional benefit that using common tools makes attribution harder. In 2020, Sophos reported on the wide range of standard attack tools now being used by adversaries.

“The abuse of everyday tools and techniques to disguise an active attack featured prominently in Sophos’ review of the threat landscape during 2020. This technique challenges traditional security approaches because the appearance of known tools doesn’t automatically trigger a red flag. This is where the rapidly growing field of human-led threat hunting and managed threat response really comes into its own,” said Wisniewski. “Human experts know the subtle anomalies and traces to look for, such as a legitimate tool being used at the wrong time or in the wrong place. To trained threat hunters or IT managers using endpoint detection and response (EDR) features, these signs are valuable tripwires that can alert security teams to a potential intruder and an attack underway.”

Additional trends analyzed in the Sophos 2021 Threat Report include:

· Attacks on servers: adversaries have targeted server platforms running both Windows and Linux, and leveraged these platforms to attack organizations from within

· The impact of the COVID 19 pandemic on IT security, such as the security challenges of working from home using personal networks protected by widely varying levels of security

· The security challenges facing cloud environments: cloud computing has successfully borne the brunt of a lot of the enterprise needs for secure computing environments, but faces challenges different to those of a traditional enterprise network

· Common services like RDP and VPN concentrators, which remain a focus for attacks on the network perimeter. Attackers also use RDP to move laterally within breached networks

· Software applications traditionally flagged as “potentially unwanted” because they delivered a plethora of advertisements, but engaged in tactics that are increasingly indistinguishable from overt malware

· The surprising reappearance of an old bug, VelvetSweatshop – a default password feature for earlier versions of Microsoft Excel – used to conceal macros or other malicious content in documents and evade advanced threat detection

· The need to apply approaches from epidemiology to quantify unseen, undetected and unknown cyberthreats in order to better bridge gaps in detection, assess risk and define priorities

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

Cyber crime threat to India’s progress, security: Pramod Sawant

Published

on

PANAJI: Goa Chief Minister Pramod Sawant on Friday said cyber crime is a threat to India’s progress and security and cyber warriors need to be created to combat the menace.

Sawant was speaking at the International Conference on Information Security, Privacy and Digital Forensics (ICISPD 2022) at BITS Pilani campus in Vasco city, 35 km from here.

The chief minister said the importance of comprehensively addressing social media privacy issues cannot be underestimated and the challenge calls for skilled experts.

Cybercrime is a threat to the progress and security of our nation. The need of the hour is to create cyber warriors to combat cyber crime, he said.

Sawant stressed on the need for awareness, knowledge and skills about the emerging trends in cybercrimes and training in latest technologies of cyber security and computer forensics.

As per data from the National Crime Records Bureau, a total of 52,974 cases of cyber crime were registered, showing an increase of 5.9 per cent in registration since 2020, he said.

The crime rate in this category had increased from 3.7 per cent in 2020 to 3.9 per cent in 2021, he added.

In 2021, 60.8 per cent of cyber crime cases were of fraud, 8.6 per cent of sexual exploitation and 5.4 per cent of extortion, Sawant said.

He further said that two of the greatest inventions of the 20th century, the computer and the internet have changed the world.

It is interesting that children born at the start of this millennium can’t even imagine a world without internet connectivity and mobile devices, he said.

The positive side of the internet and related technologies became clear during the COVID-19 pandemic, the chief minister said.

When self-isolation and social distancing were essential to control the outbreak, internet helped people remain connected, make payments, buy essentials, and most importantly, do their work, Sawant said.

Source: Press Trust of India

Continue Reading

News

Tech Mahindra Inks MoU with Digital Economy Promotion Agency

Published

on

NEW DELHI: Tech Mahindra, a leading provider of digital transformation, consulting, and business re-engineering services and solutions, and Digital Economy Promotion Agency (depa), a government agency established under the Ministry of Digital Economy and Society of Thailand to promote development of digital industry and innovation and ascertain nationwide digital technology adoption in order to achieve economic, social, cultural, and security benefits, have signed a Memorandum of Understanding (MoU) to accelerate digital transformation in Thailand.

As a part of the partnership, both organizations will co-develop innovative digital solutions and execute commercially viable projects and use cases for enterprises in areas of IoT, AI, 5G, Analytics, Blockchain, and Metaverse for various industries including Smart Cities, Telecom, among others.

Rajesh Chandiramani, Business Head, Communications-Media-Entertainment for EMEA and APJI Markets, Tech Mahindra, said, “We started our Thailand operations in 2004, and today it has become one of the most strategic and growth markets for us. Our partnership with depa will unlock immense potential for us to build, develop, and market innovative solutions for our customers in Thailand and support them in their digital transformation journey. This partnership is a major step forward in strengthening the industrial competitiveness between Thailand and India. We will also work towards diversifying the talent pool in the region through various skilling and upskilling initiatives on multiple technologies like NFT, Blockchain, Metaverse, AI, Analytics, IoT, 5G, Machine Learning, Quantum Computing, and Cloud.”

Digital Economy Promotion Agency (depa) was established under the Digital Development for Economy and Society Act promulgated on 23 January 2017. The agency aims to support and promote the development of digital industry and innovation, support and promote digital technology adoption, which benefits the national economy, society, culture, and security according to Article 34 of the Act.

Dr Passakon Prathombutr, Senior Executive Vice President of Digital Economy Promotion Agency, said, “Thailand aims to become ASEAN’s digital hub, for which a digital workforce is vital. This partnership with Tech Mahindra will empower our talent development in key fields such as AI, Blockchain, and the Metaverse. Depa is building Thailand Digital Valley (TDV), a state-of-the-art digital innovation ecosystem in the Eastern Economic Corridor (EEC). TDV will become the digital and innovation hub for the entire region. Hence, this collaboration is strategic to the digital economy and society.”

This partnership is in line with Tech Mahindra’s NXT.NOW™ framework, which aims to enhance ‘Human Centric Experience’, and focuses on investing in emerging technologies and solutions that enable digital transformation and meet the evolving needs of the customer.

Continue Reading

News

Naveen Patnaik inaugurates Happiest Minds Development Centre at Bhubaneswar

Published

on

NEW DELHI: Happiest Minds Technologies Limited, a ‘Born Digital. Born Agile’, Mindful IT Company, announced the inauguration of a new Development Centre at Fortune Towers (5th Floor) in Bhubaneswar, taking forward its long-term investment plans for further expansion in the state in alignment with the Make in Odisha focus of the state government.

Under the ease of business initiative, the Odisha state government’s State Level Single Window Clearance Authority (SLSWCA) granted approval to Happiest Minds to set up a software development centre at Fortune Towers located in Bhubaneswar. Happiest Minds has earmarked Rs. 265 crore investment towards this initiative.

Naveen Patnaik, Honourable Chief Minister of Odisha, said, “Odisha has been taking giant strides in IT sector in recent years. The growth momentum is accelerating in IT space with growing confidence of IT companies on Odisha as an investment destination. Odisha is now fast emerging as a technology resource hub of India creating jobs for our youth.”

Ashok Soota, Executive Chairman, Happiest Minds Technologies said, “We are delighted to start the operation of our new development centre at Bhubaneswar. At Happiest Minds, we have always embraced our responsibility to create a mindful impact on our communities, and we are grateful to the Hon’ble Chief Minister Shri Naveen Patnaik and the state government officials for their support in establishing this centre. We praise the new IT policy of the state and are optimistic that it will become one of the most preferred destinations for skilled talent, promoting greater employment opportunities for the youth.”

Venkatraman Narayanan, MD & CFO, Happiest Minds Technologies said, “The rise of Bhubaneswar as a destination of choice for businesses is on an ever-rising curve. This is the basis of the industry-supporting initiatives of the state government, duly complemented by the burgeoning talent pool available in the city and nearby regions. Aligned with the ethos of Happiest Minds, the new development centre (Smiles 7) will help us meet evolving customer needs, accelerating our growth and the overall development of the state.”

Founded in 2011, Happiest Minds has consistently gained recognition as among the best places to work in India and Asia. The company has won the Golden Peacock Award for Excellence in Corporate Governance 2022. The company recently acquired additional space to expand its presence in Bengaluru and extended its development facilities in Noida.

Continue Reading

Trending