WithSecure highlights common tactics used in data breaches

Predictive analysis as part of a study by WithSecure reveals how businesses could reduce data breach risks by correlating cyber attack tactics and toolsets

Predictive analysis can reduce risks associated with data breaches, according to a study conducted by WithSecure.

The company breaks down the most common links between different tactics and techniques observed in data breaches in its study, ‘Unveiling the Arsenal: Exploring Attacker Toolsets and Tactics’. The study contains information about attacks observed during 2023 and walkthroughs for a variety of security incidents investigated by WithSecure, as well as security advice for organisations.

At a time of increased cyber fraud, with ‘bad actors’ compromising essential services at greater scale, it is important that studies like this highlight the need for greater cyber defence awareness and strategy.

Increasingly difficult for security analysts to understand attackers

The study ultimately demonstrates an alternative approach to predicting how cyber attacks can unfold. Using data collected from cyber attacks observed by WithSecure in 2023, researchers were able to correlate tactics and toolsets used together in attacks - correlations that provide a foundation for further analysis.

This type of analysis is more important than ever, as 2023 has seen a wide range of hacks that infiltrated and attacked key systems. Recent reports have found that gaps in knowledge remain one of the main concerns in tackling more complicated cyber threats.

As a result, 30% of cyber staff admit to currently facing burnout, and the pressure means that fewer than half of companies in the UK alone are confident in their ability to handle the biggest threats facing organisations, including phishing (56%) and malware (55%).

With cyber crime becoming increasingly sophisticated, predicting the actions of attackers based on profiling is becoming more challenging for cyber security professionals. To help address this challenge, WithSecure’s study demonstrates an alternative model of predicting how attacks unfold.

Trying to find new ways to combat cyber threats

WithSecure states that, in recent years, the cyber crime industry has become increasingly service-oriented, where different threat actors provide specialised services to one another. As a result, it has become increasingly difficult for security analysts to understand attackers and the threat they pose based strictly on their use of a particular tactic, technique, or procedure.

“You also have to consider that attackers are constantly expanding their toolkits to include new resources to use in attacks,” says WithSecure Intelligence Senior Researcher Neeraj Singh.

“That means they have more avenues to pursue an attack than ever before. These types of changes make traditional profiling techniques, where you understand and predict specific types of attacks by associating them with particular TTPs or toolsets, less effective.”

Researchers also found that both discovery and collection often lead to exfiltration and command and control tactics, indicating adversaries’ reliance on information that is gathered and stolen from the victim’s machines. That information is then sent back to the attackers so they can perform the next steps in the attack lifecycle.

According to Singh, correlations like these can provide a clear basis for making predictions about the different attack paths taken during attacks.

He explains: “Machine learning can build on traditional data analysis techniques to train predictive models that can determine the likelihood of different tactics and toolsets being used on different premises. That’s the kind of preparation that organisations can use to begin reducing the risk of attackers using certain approaches against them.”
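To make the idea of correlating tactics concrete, the following Python example is added here and is not code or data from WithSecure's study. It assumes each incident is recorded as an ordered list of MITRE ATT&CK tactic names (the incidents and function names are constructed for illustration) and uses a simple frequency count in place of the machine learning models the study mentions, so a defender can see which tactics to watch for once others have been observed.

```python
from collections import defaultdict

# Constructed sample data: each incident is an ordered list of ATT&CK tactic
# names. These are illustrative, not WithSecure's observations.
INCIDENTS = [
    ["initial-access", "execution", "discovery", "collection", "exfiltration"],
    ["initial-access", "discovery", "command-and-control", "exfiltration"],
    ["execution", "persistence", "discovery", "collection", "command-and-control"],
    ["initial-access", "execution", "persistence"],
    ["discovery", "collection", "exfiltration", "impact"],
]


def follow_probabilities(incidents):
    """Return {(a, b): P(b is seen after a | a is seen)} over the incidents."""
    seen = defaultdict(int)      # number of incidents containing tactic a
    followed = defaultdict(int)  # incidents where b occurs after the first a
    for steps in incidents:
        for a in set(steps):
            seen[a] += 1
            later = set(steps[steps.index(a) + 1:]) - {a}
            for b in later:
                followed[(a, b)] += 1
    return {pair: n / seen[pair[0]] for pair, n in followed.items()}


def likely_next(observed, table, min_prob=0.5):
    """Rank tactics not yet observed by their best follow probability."""
    scores = {}
    for (a, b), p in table.items():
        if a in observed and b not in observed and p >= min_prob:
            scores[b] = max(scores.get(b, 0.0), p)
    # Highest probability first; ties broken alphabetically for stable output.
    return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    table = follow_probabilities(INCIDENTS)
    for tactic, prob in likely_next({"discovery", "collection"}, table):
        print(f"{tactic}: {prob:.2f}")
```

With real incident records in place of the constructed list, the ranked output indicates where to prioritise detection coverage, such as egress monitoring once discovery and collection activity has been seen.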
