Attackers are changing their tactics to combat cybersecurity efforts

April 15, 2019
New Carbon Black report notes higher rates of “island hopping,” counter incident response

I’ve always been quite fond of the 1995 film, “Hackers.” It might be a bit dated now, and like Angelina Jolie, technology has changed significantly since the mid-90s, but the film does portray the extent to which some hackers may go to for whatever their cause.

True to that spirit, a recent report indicates that cyber attackers are changing their tactics to combat the cybersecurity efforts they’re now facing. Carbon Black, a cybersecurity company, recently released its quarterly Global Incident Response Threat Report.

The report, which was based on a survey of its partners, focuses on how hackers are evolving their methods. The key findings include:

  1. 50% of attacks are now leveraging “island hopping.”
  2. 56% of respondents said they have encountered counter incident response (IR) in the past 90 days, with 87% saying it took the form of destruction of logs, and 70% saying it took place in the form of evasion tactics.
  3. 70% of attacks involve lateral movement.
  4. 31% of targeted victims experience destructive attacks.
  5. Although financial and healthcare remain the most vulnerable industries for attacks, manufacturing attacks have grown significantly in the past 90 days.

The Top 3 findings from the survey are particularly concerning, as they show how attackers are evolving their tactics to infiltrate a system and stay there.

“Attackers are fighting back. They have no desire to leave the environment. And they don’t just want to rob you and those along your supply chain. In the parlance of the dark web, attackers these days want to ‘own’ your entire system,” said Tom Kellermann, Carbon Black chief of cybersecurity, in the report.

The report puts significant emphasis on the growth of “island hopping” methods. “Island hopping” is when attacks aren’t targeted at one organization, but instead are issued to other networks within a company’s supply chain.

“At this point, it’s become part and parcel of a cybercrime conspiracy,” Kellerman said in the report. “They’re using their victim’s brand against customers and partners of that company. They’re not just, say, invading your house — they’re setting up shop there, so they can invade your neighbors’ houses, too.”

Lack of visibility was cited by 44% of respondents for the reason that organizations are vulnerable to “island hopping,” but the report notes that ensuring partner companies are equally cybersecure is essential.

Counter IR efforts have been on the rise throughout the past year, the report indicates, noting that for the past three straight quarters, there has been a 5% increase in respondents they’ve seen in during the prior 90 days.

These efforts go hand-in-hand with the lateral movement that attackers are now implementing to stay in a system, the report states. In fact, 40% of respondents said that lateral movement was a factor in at least 90% of attacks.

As technology becomes a greater part of our processes, and as attackers catch on to the methods cybersecurity professionals are using to protect against attacks, keeping abreast of the ways attackers are infiltrating your system and working around your cybersecurity is incredibly important.

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.