IT and communications sectors were targeted by cyber attackers in 2021
Darktrace reported that the information technology (IT) and communications sectors were the most under attack globally in 2021.
Table of Contents
DARKTRACE REPORTS INFORMATION TECHNOLOGY
This data is constructed by the company using an “early indicator analysis” that examines the traces of potential cyberattacks at various stages before they are attributed to a specific actor and before they escalate into a general crisis. The results show that, in 2021, its Artificial Intelligence (AI) autonomously interrupted an average of 150,000 threats per week against the aforementioned sectors, according to the brand.
Darktrace also defends various companies dedicated to managing backups and has observed a growing trend of hackers attacking their servers, aiming to deliberately disable or corrupt backups by deleting a single index file that would make them inaccessible. . The attackers could then launch ransomware attacks against the backup provider’s customers, preventing recovery and forcing payment.
Cyber attacks on critical infrastructure
He added that in 2020, the most attacked sector across its entire customer base was the financial and insurance sector, showing that cyber attackers have shifted their focus in the past 12 months.
Throughout this year, it has become clear to us that attackers have been relentlessly trying to gain access to the networks of trusted providers in the IT and communications industries. They simply find it more convenient than, for example, going after a company in the financial services industry. SolarWinds and Kaseya are two recent and well-known examples of this. Unfortunately, there are likely to be more attempted attacks in the short term, “said Justin Fier, Director of Cyber Intelligence and Analytics at Darktrace.
The results of this investigation are published a year after the attack on the US software company SolarWinds shook the security industry. This historic supply chain attack left thousands of organizations vulnerable to infiltration by inserting malicious code into the Orion system. Over the past 12 months, there has been an ongoing series of attacks against the computing and communications industry, most notably attacks on Kaseya and Gitlab.
Also Read: CyberSecurity and Technology Predictions
Cybersecurity in the Communications Sector
Attackers often use software and developer platforms as entry points to other high-value targets, such as governments and authorities, large companies, and critical infrastructure buildings. Darktrace found that the most common intrusion attempt method is email, with companies in the industry receiving an average of 600 phishing campaigns monthly in 2021. Contrary to popular belief, emails sent to these organizations did not contain a threat hidden in a link or attachment. Instead, the cyber attackers used subtle and sophisticated techniques sending “clean emails” containing only text, trying to convince recipients to respond and reveal sensitive information. This method is effective because,
These methods easily bypass security tools that rely on checking links and attachments for block lists and signatures. AI can prevent these emails from reaching employee inboxes by identifying the full range of anomalies, even the most subtle indicators.
How cyber attacks work
“The reality is that attackers are patient and creative. They tend to walk in the front door by engaging trusted vendors from the IT and communications industries. For downstream customers, it appears that everything remains the same and that this is another application or piece of hardware from a trusted vendor, ”continued Fier. “There is no silver bullet to finding infiltrated attacks on software vendors, so the real challenge for organizations will be to operate while accepting this risk.
The IT and communications industry includes, but is not limited to, telecommunications providers, software developers, and managed security service providers.Having an idea of what is normal for trusted software is paramount. AI is perfectly suited for this job; detecting the subtle changes in compromised software will be key to combating these problems in the future.
Also Read: How to Beware of malware cybercrime