Security News > 2024 > March > Key MITRE ATT&CK techniques used by cyber attackers

The classic tools and techniques adversaries deploy remain consistent-with some notable exceptions.

Detections for malicious email forwarding rules rose by nearly 600%, as adversaries compromised email accounts, redirected sensitive communications to archive folders and other places users are unlikely to look, and attempted to modify payroll or wire transfer destinations, rerouting money into the criminal's account.

Despite a wave of new software vulnerabilities, humans remained the primary vulnerability that adversaries took advantage of in 2023, comprising identities to access cloud service APIs, execute payroll fraud with email forwarding rules, launch ransomware attacks, and more.

Adversaries have quickly learned that these systems house the information they want and that valid and authorized identities are the most expedient and reliable way into those systems.

"The golden thread connecting these modes of attack is identity. To access cloud accounts and SaaS applications, adversaries must compromise some form of identity or credential, and one that is highly privileged can grant an adversary untold access to valuable accounts, underscoring the critical importance of securing corporate identities and identity providers," McCammon continued.

The data shows that adversaries reliably leverage the same small set of 10-20 ATT&CK techniques against organizations, regardless of the victim's sector or industry.

News URL

https://www.helpnetsecurity.com/2024/03/15/2023-attck-techniques/