According to a new report from Barracuda, “Threat Spotlight”, it turns out that cybercriminals are using proven methods and old security flaws to get past companies’ protection systems. These attacks can result in them gaining remote access to corporate IT systems, installing malware, stealing sensitive information, or disrupting and disabling operations by conducting so-called denial-of-service attacks.
The report is based on an analysis of data collected over three months from Intrusion Detection Systems (IDS) used by Barracuda Networks’ Security Operations Center (SOC). With the help of the IDS tools, it is possible to identify which vulnerabilities the attackers focus on and which methods they use.
Security flaws – a constant threat to businesses
Merium Khalid, Senior SOC Manager, Offensive Security at Barracuda XDR, points out that security flaws do not have a “best before date”. – There is no best before date for weaknesses in security systems. They remain and the risk is that over time they may become even more difficult to locate and disarm. Instead, they become deeply embedded vulnerabilities in a system or application. But luckily, the method to access them need neither be new nor even particularly advanced, he explains. He also emphasizes that an effective defense method requires protection on several levels and a thorough review of potential risks. – What is needed is a method with multiple layers of protection and with multiple levels of in-depth review. Knowing what vulnerabilities lurk in your IT environment and who can target them and how is critical—as is the ability to respond to and disarm those threats, Khalid adds.
Discovered threats and risks
The report discovered several different attacks and tactics used by cybercriminals, including: Attackers using a tactic from 2008 where a misconfigured web server allows access to data such as application code or sensitive operating system files. A 2003 strategy that allows malicious code to be injected under a legitimate process, giving the attacker access to sensitive data, altering processes, and sending instructions to the operating system. Attackers targeting vulnerable servers to steal passwords or user lists, or exploiting a legitimate process to identify the number of computers on a network with active IP connectivity, can be used to plan and prepare a larger attack. This analysis underscores the ongoing threat posed by cybercriminals and emphasizes the importance of constant vigilance, regular review of security systems, and effective safeguards to protect businesses from potential attacks.
A professional writer by day, a tech-nerd by night, with a love for all things money.