
Top 3 ways to make life harder for hackers

Written by Enablis | 08/08/2024 5:30:40 AM

We hear all the time that malicious attackers are constantly getting smarter, faster and more adept at extracting sensitive information for ransoms or other nefarious purposes.

In fact, it’s now almost a clichéd trope that we’ve all become desensitised to. Yet these groups are real, very real, and companies mustn’t drop their guard and become complacent, thinking they’re probably not on these groups’ radars.

Consider this in-depth profile of the hacking group ‘Muddled Libra’ in the Palo Alto Networks Unit 42 2024 Incident Response Report (p. 9-14).

It’s like running through a checklist for judges announcing the winners of a prestigious business award: leading-edge innovation, agile and resourceful, leaving no stone unturned in researching and understanding the target audience and every touchpoint. And perhaps most notably, Muddled Libra’s front-line ‘staff’ have earned a reputation for having exceptional English language skills.

This has seen them raise the bar for penetrating organisations using phishing and social engineering tactics. But they’re also experts at identifying and exploiting software vulnerabilities, and they have shown they’re capable of turning every point and node of their victims’ environments into an attack surface.

Here are the top 3 things hackers don’t want you to do

Looking at the same Unit 42 report mentioned above, these core competencies of Muddled Libra all align neatly with the top 3 things Palo Alto Networks recommends that CISOs, CIOs and other executives with responsibility for cyber security do to make life harder for hackers.

 

1. Patch management - It’s only a matter of time. Unpatched vulnerabilities on Internet-facing systems will be exploited. Not only that, as entire industries and economies continue on their path towards digital transformation at scale, the implications of malicious actors catching wind of these vulnerabilities and exploiting them are huge.
 
We’ve already seen software vulnerabilities move into the top spot as the source of all cyber attacks globally. Take the time to properly measure and reduce your attack surface, and you’ll greatly reduce your risks.

2. Consistent coverage - We get it, CISOs, CIOs and others with responsibility for cyber security are amongst the hardest working people in tech right now. Burnout is at all-time highs, with everyone exhausted by this game of perpetual whack-a-mole. It’s no surprise, then, that organisations are struggling to achieve full coverage with attacks coming from every direction. But we have to fight on and control the borders 24x7.
 
Unit 42’s responders found that organisations with partial or incomplete deployment of security controls (especially endpoint detection and response tools) allowed attackers to operate from parts of the network that weren’t defended. Deploy your defences everywhere, and you’ll deny them this advantage.

3. Identity and access management - As noted above, leading malicious actors like Muddled Libra have become adept at stealing and using the identity of authorised personnel to access and move around networks. With the relentless cadence of incursions, it’s near impossible to keep the bad guys out forever. But most organisations still have a long way to go before being able to say they’ve implemented genuine ‘Zero Trust’ protocols across their entire organisation.
 
To be fair, it’s very difficult, especially for larger organisations. Persistent effort will, however, ensure you’ll eventually pressure attackers into slipping up and making mistakes that you can see.

Yes, hackers are getting smarter, faster and more dangerous. They’re now also more organised, which means they’re going after more and more targets, which one day might include your organisation and data.

Any organisation can be on the radars of malicious actors, so it’s imperative that you implement measures and defences that make life harder for these actors. In short, imagine what Muddled Libra would do to damage your business and brand, and follow the steps above to keep them away.
