Security News > 2023 > February > 3 Overlooked Cybersecurity Breaches

3 Overlooked Cybersecurity Breaches
2023-02-10 10:42

Subsequently, the first attacker group monetized the first attack not only through the ransom they obtained, but also by selling the company's network information to the second ransomware group.

In the 13 months between the two attacks, the victim changed its network and removed servers, but the new attackers were not aware of these architectural modifications.

"Unfortunately, scanning for vulnerable systems in critical infrastructure is easier than ever. While many such organizations have multiple layers of security, they are still using point solutions to try and defend their infrastructure rather than one system that can look holistically at the full attack lifecycle. Breaches are never just a phishing problem, or a credentials problem, or a vulnerable system problem - they are always a combination of multiple compromises performed by the threat actor," said Etay Maor, Sr. Director of Security Strategy at Cato Networks.

Infiltration - The attacker was able to gain access to the network through a phishing attack.

"A multiple choke point approach, one that looks horizontally at the attack rather than as a set of vertical, disjointed issues, is the way to enhance detection, mitigation and prevention of such threats. Opposed to popular belief, the attacker needs to be right many times and the defenders only need to be right just once. The underlying technologies to implement a multiple choke point approach are full network visibility via a cloud-native backbone, and a single pass security stack that's based on ZTNA." said Etay Maor, Sr. Director of Security Strategy at Cato Networks.

How to Minimize Your Attack Surface and Gain Visibility into the Network# To reduce the attack surface, security professionals need visibility into their networks.


News URL

https://thehackernews.com/2023/02/3-overlooked-cybersecurity-breaches.html