Network defenders must be as fast and innovative as their adversaries and reach out to ethical hackers to help build resilience, according to keynote speaker, Keren Elazari.
On the final day of Infosecurity Europe, Elazari argued that cybercrime innovation has accelerated in the ransomware space, thanks to groups like Clop, Conti and LockBit.
Read more on ransomware innovation: Conti Group Suffers Massive Data Breach.
Cybercrime innovation is happening in terms of not just the technology itself, but also new business models, hiring strategies, deployment mechanisms and more, she added.
Among the examples of cybercrime innovation cited by Elazari were:
- Double extortion and ransomware-as-a-service (RaaS)
- Recruitment of insiders from breached (victim) companies
- Triple extortion through pressuring employees/customers of victim organizations
- Use of intermittent encryption and dispensing with the ransomware payload to focus on data theft-based extortion
Cyber-criminals are also prodigious users of automation to streamline their efforts, using it to deliver phishing campaigns, support credential stuffing, and scanning and exploitation campaigns, Elazari added.
It’s only a matter of time before they also deploy AI such as generative tools like ChatGPT to produce file-less polymorphic malware and other threats with little effort, she argued.
“If this was Silicon Valley it would be called innovation,” Elazari said. “This is why the bad guys are faster than ever. The past couple of years have been a cybercrime renaissance; time to adapt and move on.”
Elazari urged members of the audience and their peers in the cybersecurity industry to fight back by utilizing an underused asset: ethical hackers and bug bounty programs.
“Hackers can be the immune system of the digital age because they force us to change. They are valuable; they teach us important lessons,” she argued. “It’s time to take a page from the hackers’ book. It’s not a time to keep calm and carry on, it’s time to adapt and evolve.”
Credit: Source link
Comments are closed.