Offers threat intelligence on how bots, DDoS attacks, ransomware, and more are used to exploit supply chains, critical infrastructures, IOT devices, financial assets
Radware a leading provider of cyber security and application delivery solutions, introduced Series II of its 2021 Hacker’s Almanac. The three-part series is an infosecurity field guide for security and IT professionals as well as executive decision-makers with responsibility for safeguarding their organizations. In a lessons-learned format, Series II unwinds the tactics, techniques, and procedures (TTPs) used by notorious actors in real-world cyberattacks, and shows how these TTPs map up to the MITRE ATT&CK framework.
The Hacker’s Almanac series serves as a cornerstone for helping organizations understand:
- The threat landscape.
- Why they might be at risk.
- Their attack surface.
- How attackers can target an environment.
Top iTechnology IoT News: Inseego Welcomes Ritesh Mukherjee as Senior Vice President and General Manager of 5G Enterprise Networking Business
“Understanding the objectives, tactics, and methods of malicious actors is an important step in an organization’s journey to a balanced security strategy,” said Pascal Geenens, director of threat intelligence at Radware. “By gaining a deeper understanding of their adversaries’ TTPs, organizations will be better prepared to detect, isolate, deceive, and evict threat actors who might be targeting their environment.”
Series II of the Hacker’s Almanac describes tactics and techniques, ranging from the reconnaissance conducted to begin an operation and the initial access required to gain a foothold in a victim’s network, to the execution of the attack, defense evasion strategies, and exfiltration. It gives examples of real-world attacks that targeted supply chains, critical infrastructures, IOT devices, financial assets, and more. And it goes into detail on how bots, DDoS attacks, credential stuffing, router hijacking, and other techniques and extortion tactics are used to exploit their victims.
“If there was one word to capture what organizations should expect from cybercrime in 2022, it would be ‘more,’” said Geenens. “More sophisticated, high intensity attacks. Smarter attackers with larger budgets. Increased pressure on supply chains and critical infrastructures. And bigger, bolder extortion threats. In short, the security community will have to be more vigilant than ever before, and organizations will need to make considerable efforts to keep their attack surfaces under control. The last two years ushered in a new dawn for cybercrime and info security, and it’s not going away anytime soon.”
Top iTechnology Cybersecurity News: Zero Trust Strategy and Microsegmentation Critical to Improve Cybersecurity in 2022
[To share your insights with us, please write to sghosh@martechseries.com]