HomeCII/OTCybercriminals combine AI and social engineering to evade detection

Cybercriminals combine AI and social engineering to evade detection

Published on

spot_img

In response to the increasing focus on stealing identities by cyber attackers, companies are being urged to embrace zero trust principles and carefully verify user identities, according to DirectDefense.

Researchers at the organization have conducted a thorough analysis of thousands of alerts, aligning them with the MITRE ATT&CK framework, which serves as a comprehensive knowledge base of adversary tactics and techniques based on real-world observations.

Among the top five attack tactics identified, initial access emerged as the most prevalent adversarial tactic, accounting for over 27% of escalated alerts. Threat actors in 2024 consistently exploited valid accounts to gain unauthorized access to systems, often by utilizing stolen credentials.

In addition, adversaries are increasingly prioritizing persistence within compromised networks to maintain access despite detection efforts, with persistence tactics being utilized in 17% of escalated cases. Lateral movement, which involves moving laterally within a compromised network to escalate privileges and access sensitive data, accounted for 10% of escalated alerts. Adversaries also focused on execution tactics, such as running malicious code within an environment to expand access or impact business operations, with malicious file execution being a commonly exploited technique.

Moreover, credential access tactics, including stealing or cracking authentication credentials to escalate privileges or facilitate further attacks, were observed in 6% of escalated cases, with brute force attacks being a prominent technique.

As ransomware timelines have significantly shrunk to mere hours, threat actors have become more efficient in deploying ransomware, with some incidents occurring in as few as six hours. This heightened speed from initial access to full control of a domain environment poses a significant challenge for organizations, as they struggle to respond effectively within such short timeframes.

Notably, attackers have expanded their targets to include industries previously considered off-limits, such as healthcare, utilities, and critical infrastructures. The increased deployment of AI by threat actors has further complicated the cybersecurity landscape, with AI now being utilized to bypass traditional detection methods and enhance social engineering tactics.

In light of these evolving threats, companies must reassess their cybersecurity strategies and remain vigilant in adapting to the changing tactics employed by malicious actors. By staying ahead of the curve and anticipating potential threats, organizations can better protect their systems and data from cyber attacks.

Source link

Latest articles

ModHeader Chrome Extension Exposes 900,000 Users to Possible Browsing History Theft

Security Vulnerability Unveiled in Popular Chrome Extension ModHeader A significant security vulnerability has been identified...

Bipartisan House Bill Advocates for AI in Pediatric Cancer Care

A newly proposed bipartisan legislation in the United States aims to significantly accelerate the...

Progress Software Issues Warning About External Security Threat to ShareFile

Data Security Threat at Progress Software Underscores Vulnerabilities in File Storage Solutions The recent alarm...

Governments to Enterprises: Enhance Your Router Security Practices

Cybersecurity Vulnerabilities Rise as Actors Exploit Cisco Flaws Recent reports have highlighted a concerning trend...

More like this

ModHeader Chrome Extension Exposes 900,000 Users to Possible Browsing History Theft

Security Vulnerability Unveiled in Popular Chrome Extension ModHeader A significant security vulnerability has been identified...

Bipartisan House Bill Advocates for AI in Pediatric Cancer Care

A newly proposed bipartisan legislation in the United States aims to significantly accelerate the...

Progress Software Issues Warning About External Security Threat to ShareFile

Data Security Threat at Progress Software Underscores Vulnerabilities in File Storage Solutions The recent alarm...