Trending topics: Cryptocurrencies, 5G and zero-day exploits

February 1, 2022

Everyday threats such as ransomware, phishing or social engineering are likely to stay with us for some time. What could influence or change the state of cyber security beyond that? We have derived possible trends from a pragmatic combination of the predictions of security researcher Dan Lohrmann and cyber security company Mandiant. [1,2]

Top 3 topics that could keep us busy in the upcoming months:

  • Crypto technology and cryptocurrencies
    Many large companies are dealing with this still rather young field of application. Now is the time to gain experience.
  • Development of cyber-physical systems using IoT/OT and 5G
    The introduction of 5G will drive major adaptations and changes. New solutions will have to prove themselves from a cyber security perspective.
  • Exploiting existing vulnerabilities
    Log4j could be just the beginning. Many software products and libraries have been in use inconspicuously for a long time. A specialisation in finding zero-day vulnerabilities would be quite conceivable.

Log4j may have set a big ball rolling: it made visible how much potential undiscovered security vulnerabilities could hold. Researchers at FortiGuard Labs have noticed that cybercriminals are already devoting more time to finding zero-day exploits. [3] The analysts are observing increased exploration phases in which the victims’ systems are systematically examined. The aim is to identify vulnerabilities of a technical and organisational nature that can be used to plan the actual attack. Another side effect: the intruders could sell the information they gain to other attacker groups.

The security researchers’ prognosis: More and, above all, larger and more serious incidents are to be expected. With this strategic preparation, future attacks can be more targeted, faster and more efficient.

MITRE PRE-ATT&CK: Improved detection and response to attack indications

The generic MITRE framework classifies cyber-attacks in order to implement methodical countermeasures based on them. While the traditional ATT&CK framework focuses on the attack itself, the upstream pre-attack model attempts to identify anomalies even before a possible attack. Even seemingly unimportant occurrences and events should be actively used to implement preventive measures in time. Often, we tend to ignore small irregularities such as failed port scans, “strange” login attempts or phishing emails as unimportant. Later, however, precisely such attack vectors could be successfully exploited. [4]

Cybersecurity will remain a fast-paced cat-and-mouse game between attackers and defenders in 2022. According to current trend developments, the focus for the upcoming months will expand to new areas of technology. In addition, it is assumed that target systems will increasingly be scouted in advance in order to increase the efficiency of subsequent attacks.

For IT managers, this means that the focus should not only be on detecting and warding off an attack. It is important to better recognise and understand possible indications and irregularities in advance and to implement preventive measures in a timely manner.

Sources:
