SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Breach Prevention
#
Data breach

Cyberattacks exploiting trusted ties spanned over a month in 2023

Fri, 17th May 2024
Author image
By Shannon Williams, Journalist

More than 20% of cyberattacks in 2023 persisted for over a month, with the exploitation of trusted relationships being a key method of attack, according to the Kaspersky Incident Response 2023 report. A 5.55% increase in this type of attack was observed, making up 21.85% of the total cyberattacks from the previous year. Ultimately, the employment of this attacking method posed a significant challenge to investigative teams, as it enabled cybercriminals to infiltrate multiple victims via a single compromised organisation.

As noted, this method often makes the investigation process more complex as the original targeted organisations may fail to recognise the severity of the threat, showing reluctance to cooperate sufficiently. This, in turn, stretches the time needed to defuse from the initial cyber intrusion to the final incursion phase.

Notably, this increasing trend in cyberattacks exploited trusted relationships, which marked 6.78% of the total number of attacks in 2023. As cyber threats continue to evolve, the vital role of trust reciprocity in the realm of cybersecurity comes into focus. In the year under review, this kind of attack found its place among the three most employed vectors for the first time in recent years. Half of these incidents were only discovered subsequent to a data breach been identified.

Further findings from the report suggest these attacks, which infiltrate systems via trusted relationships, necessitate 50% more time to fully progress, often lasting over a month. A similar trend was noted in cases of insider and phishing cyberattacks last year.

Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky, stresses the implications of these insights, stating: "By exploiting trusted relationships, threat actors can prolong attacks and infiltrate networks for extended periods, posing significant risks to organisations. It's imperative for businesses to remain vigilant and prioritise security measures to safeguard against such sophisticated tactics."

To combat these risks, Kaspersky enforces key recommendations, which primarily include fostering a culture of security awareness among staff, limiting public access to management ports, and advocating a zero-tolerance policy for patch management or complementary measures for public-facing applications. Furthermore, they advise ensuring data backup to minimise damage, the consolidation of robust password policies and multifactor authentication, and to adopt managed security services such as Kaspersky Managed Detection and Response (MDR) as an additional protective layer against advanced attacks.

In case of suspicious activities leading to potential breaches, Kaspersky further underscores the importance of seeking the assistance of cybersecurity experts for incident response.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
US indictment reveals Anonymous Sudan's true motives
ExtraHop unveils new file analysis features for RevealX
To avoid the next major outage, we need continuous testing
Expert advice to combat rising ransomware & phishing
Businesses paying ransomware ransoms doubles in 2024
Top stories
SentinelOne & AWS expand collaboration for AI security
Cyber Awareness Month: Tips on leveraging DSPM to improve your security posture
Cyber safety campaign launched for high school students
AI's role in cybersecurity: balancing power & risks
Okta's redrawing its cybersecurity boundaries, says CSO