WithSecure highlights common tactics used in data breaches

Using data collected from cyber attacks observed by WithSecure in 2023, researchers were able to correlate tactics and toolsets used together in attacks
Predictive analysis as part of a study by WithSecure reveals how businesses could reduce data breach risks by correlating cyber attack tactics and toolsets

Predictive analysis can reduce risks associated with data breaches, according to a study conducted by WithSecure.

The company breaks down the most common links between different tactics and techniques observed in data breaches in its study, Unveiling the Arsenal: Exploring Attacker Toolsets and Tactics. It contains information about attacks observed during 2023 and walkthroughs for a variety of security incidents investigated by WithSecure, as well as security advice for organisations. 

During a time of increased cyber fraud and ‘bad actors’ compromising essential services at higher scales, it is important that studies like this highlight the need for greater cyber defence awareness and strategy.

Increasingly difficult for security analysts to understand attackers

The study ultimately demonstrates an alternative approach to predicting how cyber attacks can unfold. Using data collected from cyber attacks observed by WithSecure in 2023, researchers were able to correlate tactics and toolsets used together in attacks - correlations that provide a foundation for further analysis.

This type of analysis is more important than ever before, as 2023 has seen a wide range of hacks infiltrate and attack key systems. Recent reports have found that gaps in knowledge remain one of the main concerns to tackling more complicated cyber threats. 

As a result, 30% of cyber staff admit to currently facing burnout, with the pressure also meaning that less than half of companies in the UK alone are confident in their ability to handle the biggest threats facing organisations, including phishing (56%) and malware (55%).

With cyber crime becoming increasingly more sophisticated, predicting the actions of attackers based on profiling is becoming more challenging for cyber security professionals. To help address this challenge, WithSecure’s study demonstrates an alternative model of predicting how attacks unfold.

Trying to find new ways to combat cyber threats

WithSecure states that, in recent years, the cyber crime industry has become increasingly service-oriented, where different threat actors provide specialised services to one another. As a result, it has become increasingly difficult for security analysts to understand attackers and the threat they pose based strictly on their use of a particular tactic, technique, or procedure.

“You also have to consider that attackers are constantly expanding their toolkits to include new resources to use in attacks,” says WithSecure Intelligence Senior Researcher Neeraj Singh.

“That means they have more avenues to pursue an attack than ever before. These types of changes make traditional profiling techniques, where you understand and predict specific types of attacks by associating them with particular TTPs or toolsets, less effective.”

Researchers also found that both discovery and collection often lead to exfiltration and command and control tactics, indicating adversaries’ reliance on information that’s gathered and stolen from the victim’s machines. It is then sent back to the attackers to perform their next steps in an attack lifecycle.

According to Singh, correlations like these can provide a clear basis for making predictions about the different attack paths taken during attacks.

He explains: “machine learning can build on traditional data analysis techniques to train predictive models that can determine the likelihood of different tactics and toolsets being used on different premises. That’s the kind of preparation that organisations can use to begin reducing the risk of attackers using certain approaches against them.”


For more insights into the world of Cyber - check out the latest edition of Cyber Magazine and be sure to follow us on LinkedIn & Twitter.

Other magazines that may be of interest - Technology Magazine | AI Magazine.

Please also check out our upcoming event - Cloud and 5G LIVE on October 11 and 12 2023.


BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability leaders, Procurement & Supply Chain leaders, Technology & AI leaders, Cyber leaders, FinTech & InsurTech leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare and Food.

BizClik – based in London, Dubai, and New York – offers services such as content creation, advertising & sponsorship solutions, webinars & events.


Featured Articles

UK Takes Steps to Strengthen Country's Cyber Security

The new government have made cybersecurity one of their top priorities as they lay out their plans for what they intend to do in power

BlueVoyant Launch Platform to Tackle Supplier Attack Surface

BlueVoyant has unveiled a new Cyber Defense Platform which aims to tackle the growing attack surface introduced by the ecosphere of third-party vendors

Irdeto’s Andrew Bunten Talks Securing Online Content Streams

With online streaming services being bigger than ever, Irdeto’s Andrew Bunten explains how they manage to keep streams safe despite the huge attack surface

Fortinet Cyber Survey Shows Global Scope of Skills Gap

Operational Security

What ChatGPT Passing an Ethical Hacking Exam Means for Cyber

Technology & AI

Learn How CTEM can Upskill Your Cyber Strategy

Network Security