Cybersecurity incident response: Lessons learned from 2021

2022-03-25 14:19

Huge incident response services providers have a unique view on threats and trends in computer attacks.

A large 85% of incidents handled by SecureWorks in 2021 were financially oriented, while government-sponsored threat attacks only represented 5% of the activity.

Credential theft englobes credential stealing, but might also refer to credentials bought on the Dark Web or to initial access brokers, or obtained via brute-force attacks or password spraying attacks.

SecureWorks incident response data does not indicate any reduction in ransomware activity, despite the U.S. government putting ransomware at similar priority as terrorism and several ransomware attackers being caught in 2021.

Even if MFA is properly implemented, user behavior might be a problem and help attackers.

Successful attacks in the wild have been witnessed with MFA being bypassed by attackers because of multiple MFA push notifications which brought users to eventually approve one of the push notifications.

News URL

https://www.techrepublic.com/article/cybersecurity-incident-response-lessons-learned-2021/

#cybersecurity #incidentresponse