Hackers Infiltrating Companies through Security Breaches

Cybercriminals predominantly employ phishing scams, software and container weaknesses, and purloined account credentials, as per findings from leading cybersecurity companies.

Infiltrating Organizations: A Look at the Methods Hackers Employ

In the ever-evolving landscape of cybersecurity, new threats are constantly emerging. VMware's Global Incident Response Threat Report, presented at Black Hat USA in Las Vegas last week, sheds light on one such frontier: application programming interfaces (APIs).

According to the report, nearly one-quarter of all attacks compromise API security. Malicious insider attacks, too, are on the rise, with 41% of respondents encountering such attacks in the last year.

IBM Security's report identifies stolen or compromised credentials as the most common initial attack vector for data breaches in 2022. Attackers often use these compromised credentials to gain access to organizations' data or networks. Alongside stolen or compromised credentials, phishing attacks, business email compromise, and known software vulnerabilities are common tactics employed by these attackers.

Software vulnerabilities accounted for nearly half of all cases of initial access used by threat actors to deploy ransomware during the last year, according to Unit 42's report. Exploits of vulnerabilities in containers, a widely adopted cloud-native technology, increased during the same period. Three-quarters of respondents said they encountered container vulnerability exploits compared to two-thirds in 2021, according to VMware's report.

Ransomware attacks are another significant concern. Almost 60% of respondents told VMware their organization experienced a ransomware attack during the last year. Two-thirds of respondents encountered affiliate programs or partnerships between ransomware groups, according to the same report. However, the report does not specify the percentage of ransomware attacks that involved affiliate programs or partnerships between ransomware groups.

The top types of API attacks include data exposure, SQL and API injections, and distributed denial-of-service, according to VMware.

The findings from these reports support the conclusion that known initial attack vectors remain persistent. Research on incident response from Palo Alto Networks' Unit 42 supports this conclusion, and IBM Security's research on data breaches supports the finding that attackers are constantly seeking new pathways to gain access.

In conclusion, the cybersecurity landscape is evolving rapidly, with APIs becoming a new frontier for attackers. Organizations must be vigilant and proactive in securing their APIs, as well as addressing known vulnerabilities and protecting against ransomware attacks.
