A cyber threat landscape report for H2 2021 shows five top cybersecurity threats and details best practices for protection.
Based on data collected from incident response engagements, Accenture has produced a cyber threat intelligence report analyzing key trends affecting the cybersecurity landscape.
The report reveals key insights into five cybersecurity threats that have wreaked havoc on organizations during the second half of 2021, and industry best practices to defend against them:
- Ransomware attacks
Manufacturing, financial services, healthcare and technology remained the most targeted industries for such cyber threats. Affiliate disputes are also on the rise, alongside a rapid evolution of cloud-related malware.
Best practice: Organizations should build zero trust principles into their security strategy, and focus on robust offsite backups, training, improved authentication, patching and response plans.
- Supply chain attacks
For many organizations, moving to the cloud has increased the consequences of supply chain cyber vulnerabilities. Backdoor threats were more common, emerging as the second-most-prevalent type of malware (30%) behind ransomware (33%) in the Accenture data.
Best practice: Organizations should focus on integrating audits into DevOps cycles, updating security frameworks, threat modelling suppliers and introducing mature software supply chain programs.
- Information stealers
Such malware remains highly active, with the most utilized being Redline, Vidar, Taurus, Raccoon and Azorult.
Best practice: Organizations should focus on improving protection of corporate environments, and must also be aware of the rapid rise in underground sales of ‘bots’ that enable the easy use of stolen data via a browser plug-in.
- Cloud-centricity attack vectors
Expanding cloud infrastructure creates highly scalable and reliable command-and-control infrastructure and botnets. Cloud-centric toolset threats are also escalating, such as the emergence of TeamTNT.
Best practices: Organizations should focus on auditing and testing for cloud misconfiguration, adopting an identity and access management framework and establishing multi-factor authentication.
- Vulnerability exploits
Underground markets for the sale of vulnerability exploit information are growing, and cybercriminals are also beginning to capitalize on the Log4j vulnerability.
Best practices: Organizations should focus on defending network access, getting back to security basics such as regular patch management and proactive testing.