CS Jan-Feb 2024
attack… attack

Amit Sinha, DigiCert: post quantum cryptography (PQC) is a seismic event that will require IT leaders to begin preparation now.

François Normand, head of cyber threat intelligence at Gatewatcher: passwordless alternatives should be developed as part of an 'Identity Intelligence' strategy.
(605), EMEA (428) and Asia-Pacific (393) that are knowledgeable about their organisations' approach to PQC. Key findings from the study, sponsored by DigiCert, include:

61% of respondents say their organisations are not and will not be prepared to address the security implications of PQC

Almost half of respondents (49%) say their organisations' leadership is only somewhat aware (26%) or not aware (23%) about the security implications of quantum computing

Only 30% of respondents say their organisations are allocating budget for PQC readiness

52% of those surveyed say their organisations are currently taking an inventory of the types of cryptography keys used and their characteristics.
FALSE DELIVERY

Equally concerning is a complex new attack tactic that combines credible phone and email communications, in an attempt to take control of corporate networks and exfiltrate data. During an investigation at a Swiss company, Sophos X-Ops discovered that the attack had begun with a telephone call that may have seemed harmless. The targeted employee was contacted directly by a man who told the employee he had an urgent delivery to make to one of the company's sites and asked if the employee would accept the delivery. To validate the new delivery - allegedly for security reasons - the employee had to read out a code sent by email during the call.

The email, which was reported to have been written in perfect French, contained no text in the body of the message and featured only a static image that appeared to be a PDF attachment. Directed by the scammer on the phone, the employee clicked on the image, which then led to the malware being downloaded. After verbally prompting the employee to open the file, the attackers began taking over the network.

"This attack was highly, highly targeted," says Andrew Brandt, principal researcher at Sophos. "There was only one person in the office that Friday and the attackers likely knew who it was. The use of an image masquerading as an email is also something we haven't seen before. However, it's smart. Attaching an actual PDF often triggers alarm on systems, since they are so frequently used to deliver malware, and emails with PDFs often end up in spam filters."
NASTIEST MALWARE NAMED

Finally, OpenText has announced the Nastiest Malware of 2023, an annual ranking of the year's biggest malware threats. For six consecutive years, OpenText Cybersecurity threat intelligence experts have analysed the threat landscape to determine the most notorious malware trends. Ransomware has been rapidly ascending the ranks, with ransomware-as-a-service (RaaS) now the weapon of choice for cybercriminals.

This year, four new ransomware gangs, believed to be the next generation of previous big players, topped the list. Newcomer Cl0p took the prize for 2023's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment, which is rapidly approaching three quarters of a million dollars, according to OpenText. Black Cat, Akira, Royal and Black Basta also made their debuts, joined by the always-present Lockbit.

"A key finding this year is the RaaS business model is another win for the bad guys," says Muhi Majzoub, EVP and chief product officer, OpenText. "Profit sharing and risk mitigation are top contributors to RaaS success, along with the ability to easily evade authorities. There is a silver lining, as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom," he concludes.
computing security Jan/Feb 2024 @CSMagAndAwards www.computingsecurity.co.uk