Cyberthreat actors are becoming more efficient in the way they operate like businesses and target major industries, according to a new Darktrace report.
Analyzing attack data related to the energy, healthcare and retail sectors in 2022, the study shows that attackers are tailoring their tactics to specific industries based on efficiency and cost-effectiveness. I was.
talk Information security, explains Toby Lewis, Global Head of Threat Analytics at Darktrace. ? How can we hit more targets? How can we get better results with less resources?”
He added that this approach leads to constant evolution of tactics and makes attacks less predictable for cybersecurity teams.
Cryptomining in the energy sector
Darktrace has found that the energy sector has significantly increased the threat of cryptocurrency mining in 2022. In the US he was three times as many.
Cryptomining is where bad actors steal energy and processing power from other devices and networks. Energy providers are a particularly attractive target for this vector, as they typically have vast his OT infrastructure with access to vast amounts of energy supply.
While this technique is often viewed as minor compared to other forms of compromise, researchers are aware of the costs and damage it can inflict on organizations, such as system slowdowns and lost productivity. pointed out. Unauthorized access to a network for cryptojacking purposes can also be a precursor to the launch of more serious attacks, including ransomware.
Lewis warns:
He stressed the importance of preventing cryptojacking to an organization’s overall security posture. Default, weak, or otherwise compromised credentials. This means that even if you manage to install cryptocurrency mining software, something fundamental is not done right somewhere,” he said.
Additionally, the report notes that the prevalence of cryptocurrency mining has helped fund cybercriminal and nation-state groups, fueling cybercrime globally.
Attacks on retail online accounts
In the retail industry, cybercriminals have increasingly focused their attacks on online accounts in the last year as online shopping continues to experience significant post-COVID growth. For example, researchers found that credential theft, impersonation, and stuffing accounted for more than a 170% increase in the percentage of all cyber incidents observed in the U.S. retail sector compared to 2021. discovered. There was a 70% increase in Australia and a 14% increase in the UK.
As such, Lewis emphasized the need to introduce a stronger authentication process for online shopping accounts.
“The increase in the rate of credential theft in the retail sector seen in all three regions points to a new trend of simply ‘logging in’ with stolen or leaked credentials, It should act as a warning to your organization. Passwords and usernames are not enough to ensure that only trusted users can access your system. ”
Healthcare is a prime target for data exfiltration
medical institutions Top targets of recent ransomware attackerscybercriminals can wreak havoc by taking hospital systems offline, making them particularly “soft” targets due to the highly sensitive patient data these institutions hold. I regard it as
Dec 2022, Canada’s Leading Children’s Hospital ransomware attackedlater found out that the attacker gave them a free decryption key.
A Darktrace report observed a “significant increase” in data exfiltration threats targeting the UK and Australian healthcare sectors in 2022 compared to 2021. A common threat was observed.
Summarizing the findings, Lewis commented: Outflow to the healthcare sector. ”
