It’s a grim world as new research from VMware has highlighted the rise of API-based attacks, cyber staff burnout and the use of state-motivated cyber warfare.
VMware has unveiled its eighth annual Global Incident Response Threat Report today (8 August), with 65% of responders believing that the Russia-Ukraine conflict has exaggerated the frequency of cyberattacks.
The tech company found the significant after-effects of these cyberattacks on the well-being of security teams, with 47% experiencing extreme burnout and stress in the last year. Out of the concerned group, 69% are considering quitting their jobs, while the rest are exploring taking a sabbatical or time off.
Furthermore, zero-day exploits have reached a zenith this year, with 62% DevSecs, up from 51% in 2021, experiencing vulnerability attacks. Most of these exploits have an origin in API security lapses. Around 23% of total cyberattacks today stem from faulty or compromised APIs, with data exposure, SQL and API injection episodes topping the list.
The report also highlights an exponential rise in ransomware actors by cyber extortionists. Around 57% of professionals surveyed encountered some form of DDoS or malware attack last year. In comparison, 66% witnessed a clear pattern between geographically distributed cyber cartels and local ransomware groups, together operating data auctions, leaks and blackmail on the dark web.
- If you can handle more doom and gloom – read about ‘HP Wolf Security Investigation Reveals Plague of Cheap Malware Kits’ here
HermeticWiper’s attack on Ukrainian authorities to destroy the war-ridden state’s critical infrastructure is one of many examples. The above views were also authenticated by Cybersecurity and Infrastructure Security Agency (CISA) and the FBI’s latest report released this spring.
Malware like Emotet, once presumed dead by global governments, is also finding a resurgence amidst the backdrop of war. While the malware families targeted almost all central states, the US and UK witnessed the highest number of attacks, owing to their closeness and support to Ukraine.
VMware’s security team has also warned about the jump in lateral movement events during external intrusions. 25% of attacks saw some form of lateral movement, with assailants targeting everything from script hosts to file storage and PowerShell to cause obstructions.
On top of that, researchers also found more than 25 million incidences of Log4j vulnerability exploits, with Java-focused applications bearing the brunt of the security compromise.
Out of all delivery methods, emails contribute to around 78% of total cyber invasions and an overall $43.3 billion (£35.9 billion) loss in cover-up and strategy alleviation.
Lessons for Security Teams
The report also presents some positives on the mitigation front. Despite growing attacks, 87% of professionals have expanded on resources to disrupt and even completely wreck the attacker’s target systems during intrusions – 75% are now testing virtual patching for emergencies.
Several in-house teams are also building new-age solutions to counterattack before they even come to the surface, with the more you sweat on practice, the less you bleed in the war approach.
VMware has listed some preventive strategies in incidences of disaster recovery. Regularly configuring in-band traffic, especially highly traded protocols like LDAP, can help deter trojan invasions.
The team advises developers to integrate their endpoint detection and response (EDR) with network detection and response (NDR) for real-time system monitoring. This new-age integration can help enterprises leverage a comprehensive data set to calculate future attacks, their frequency and bandwidth.
Embracing Zero Trust principles and continuous user authentication can also help contain the contagious spread if and when an attack arises. Teams can adopt The Open Group and National Institute of Standards and Technology (NIST) standards as the first step toward endpoint security.
Do you want to learn more about cybersecurity? Check out these courses from TechRepublic Academy.