Cybersecurity threats: the blows follow one another

0


It’s October and that means it’s Cyber ​​Security Awareness Month again. Cyber ​​security threats continue to evolve and proliferate at an increasing speed. Opportunistic attackers take advantage of everything from remote work and cloud configuration errors to poorly defended operational technologies protecting critical infrastructure. And they are getting more professional with models like ransomware-as-a-service.

DXC Technology has identified 10 types of threats that present major challenges for organizations around the world. We have also described our main defense strategies against these threats.

Top 10 Cyber ​​Security Threats

Businesses face threats from all sides, including:

  1. Threats to the supply chain. Supply chain attacks, like that experienced by solar winds, are particularly problematic because even if your own security is robust, they can infiltrate your environment via vulnerabilities in the security of your suppliers.
  2. Attacks on Linux and other non-Microsoft operating systems. Attackers are increasingly reaching beyond the Microsoft operating system. For example, Vermilion strike rewrote the Cobalt Strike Windows red team tool to attack Linux systems.
  3. Persistence of major ransomware players. Major ransomware gangs such as the REvil ransomware operation as a service do not usually go away, but rather hibernate to avoid increased surveillance or adopt new names. The ransomware-as-a-service model has enabled these groups to dramatically increase their hackers and affiliate revenues.
  4. Remote workforce vulnerabilities. In a recent poll67% of those polled said the attacks targeted remote workers and 74% said an attack was the result of vulnerabilities related to COVID-19. It appears that companies have not sufficiently adapted their security strategies in response to the new reality of the remote workforce.
  5. Cloud attacks due to misconfiguration. According to IBM, two-thirds of recent cloud breaches “would likely have been avoided by more robust systems hardening, such as the proper implementation of security policies and patch systems.” Problems with credentials and policies “spill over into the most commonly seen initial infection vectors (including) misconfigured assets, password sputtering, and pivoting from infrastructure on. site”.
  6. Zero-day threats. New security vulnerabilities not matching any known malware signature have reached new heights this year, with at least 66 zero-day viruses and other malware Already used.
  7. Threats to operational technology (OT) systems. Attacks on OT devices – as the Compromise of the colonial pipeline – has skyrocketed 46 percent this year. The utilities and manufacturing sectors are particularly at risk. Cyber ​​security measures for OT are still weak or non-existent in many cases.
  8. Trademark abuse attacks. In almost half of these fraudulent attacks, cybercriminals masquerading as credible brands to collect consumer login details or personal data. These attackers have spoofed digital content and experiences by creating fake social media profiles, malicious mobile apps, or fraudulent websites.
  9. Destruction of the ransomware recovery key. Some ransomware gangs such as Grief and Ragnar Locker have threatened to remove decryption keys from victims if an organization involved authorities or a trading company, rendering the data unrecoverable.
  10. Mobile threats without clicks. These insidious attacks, which allow malware to install themselves on a victim’s device without the person clicking a link, are on the increase for Android and Apple devices.

The best defense: good cyber hygiene

In DXC’s experience, the better defense against sophisticated emerging threats is to fully understand the basics. Simple errors such as misconfigured cloud settings, weak passwords, and unpatched or outdated software can lead to major operational disruptions and data leaks.

Follow these basic safety hygiene practices to ensure you are well protected against known and emerging cybersecurity threats:

  • Get the right configurations. Review your configuration management database (CMDB) and plan a decision process that sets security levels from most to least secure.
  • Monitor the security controls you have in place. If an alert is triggered but nobody notices it quickly, hackers will have time to gain a foothold in your environment.
  • Improve identity management. Problems often result from too many highly privileged accounts, especially if some are disabled or unused, or from a lack of multi-factor authentication.
  • Know your crown jewels. Determine which assets are critical to the survival of the organization and which are less critical, then assign security controls accordingly.
  • Increase visibility with third-party suppliers. Identify, document and define the risks associated with all your suppliers and third-party providers.
  • Track fixes and updates. Establish good coordination between the IT department and the security organization so that you can verify that software and operating system patch guidelines are being applied throughout the organization by operational IT teams.
  • Keep and secure reliable backups. Perform regular and full backups of all critical systems and isolate them to protect yourself from attacks. Know how to quickly rebuild from backup and perform disaster recovery exercises regularly.
  • Integrate security into all new applications and solutions. Safety shouldn’t be a second thought; it’s more efficient and ultimately easier to integrate from the start, using the native capabilities of your cloud platforms and operating systems when possible. Validate security once new systems go live with penetration testing and vulnerability scans.

Disclaimer

DXC Technology Co. published this content on October 11, 2021 and is solely responsible for the information it contains. Distributed by Public, unedited and unmodified, on October 13, 2021 19:51:06 PM UTC.

Public now 2021

All the news of DXC TECHNOLOGY COMPANY

Analyst Recommendations on DXC TECHNOLOGY COMPANY
Sales 2022 16 743 million

Net income 2022 430 million

Net debt 2022 2,010 M

PER 2022 ratio 19.2x
Yield 2022
Capitalization 8,381 million
8,381 million
VE / Sales 2022 0.62x
VE / Sales 2023 0.57x
Number of employees 134,000
Free float 97.2%

Graphic DXC TECHNOLOGY COMPANY
Duration :

Period:

DXC Technology Company Technical Analysis Chart |  MarketScreener

Trends in technical analysis DXC TECHNOLOGY COMPANY

Short term Mid Road Long term
Tendencies Bearish Neutral Bullish

Evolution of the income statement

To sell

To buy

Average consensus SURPASS
Number of analysts 11
Last closing price

$ 33.27

Average price target

$ 45.27

Spread / Average target 36.1%


Leave A Reply

Your email address will not be published.