ANSSI’s 2021 computer threat report reveals a worrying year. A trend that will continue, as the level of professionalism of attackers continues to improve.
A delinquency that progresses towards organized crime
Booming, cybercriminal networks have become largely professionalized and organized, they are becoming more and more agile and responsive to detect and monetize all flaws. We are witnessing a true paradigm shift: initially, cybercriminals targeted a particular organization and sought to exploit a breach. From now on, they are developing software that constantly scans the networks to detect the slightest fault, human or software. It is no longer a question of targeting a company, but of detecting a weakness in one of them to trigger the attack. Better funded, these organizations reinvest the colossal sums at their disposal to reorganize, specialize in certain tasks of the attack chain, up to installing customer services with support, in case of problems with decryption once the ransom paid.
Whatever the motivation for the attack, there are considerable risks for the victim organization: financial threat, temporary cessation of activity, loss or disclosure of key data. This damage can be extended to an entire customer-supplier chain, which makes it systemic, thus leading to risks of exploitation in the broad sense, reputation and loss of competitiveness.
But then what are the weak points that ANSSI notes? The first concerns delays in releasing software patches as soon as a vulnerability is known. As in 2020, 2021 marked an escalation in the exploitation of these so-called 0-day flaws (unknown or unpatched at the time they are used by cybercriminals).
The second point of weakness are the ESNs. It is a strategic gateway to the IS of all the customers of the targeted ESN.
An acceleration of attacks yet anticipated.
During the health crisis, organizations had to rethink their organization towards a hybrid model by relocating their IT infrastructure with remote servers that provide access to more external “web” services or shared platforms such as Teams, Slack or Office 365… The work environment is therefore no longer centralized and closed, the task of CIOs has become much more complex. The generalization of telework also reinforces this observation.
This mobility raises the subject of access security. The employee must have access to the organization’s network in as secure a manner as if he were on site.
We would like to thank the author of this article for this incredible material
What role for CIOs in the face of the IT threat?
Check out our social media profiles , as well as other pages that are related to them.https://yaroos.com/related-pages/