The Previous Methods Are Nonetheless the Greatest for Most Cybercriminals

attackers and defenders. Cybercrime teams often are assumed to be early adopters of recent expertise, used to outwit their adversaries and obtain their targets. However in actuality, the image is extra nuanced than that.

Whereas the cybercriminal underground has professionalized and develop into extra organized in recent times, menace actors are, to an important extent, nonetheless utilizing the identical assault strategies as we speak as they had been in 2020. This presents a big alternative for community defenders — however provided that they’re ready to proactively embrace rising applied sciences like synthetic intelligence (AI).

Tried-and-True Ways Proceed to Dominate

Risk researchers are all the time analyzing and predicting novel assaults. Because the cybersecurity panorama evolves, it’s vital for analysis groups to anticipate the place attackers might focus their efforts subsequent and make their organizations extra resilient. It’s equally essential to share these insights with the broader cyber neighborhood to make the digital world safer.

Nonetheless, menace actors are largely nonetheless utilizing tried-and-true ways like phishing, vulnerability exploitation, and compromised account credentials to realize preliminary entry. That is borne out by third-party information as properly. Credential abuse (22%), exploitation of vulnerabilities (20%), and phishing (19%) had been the principle information breach assault vectors over the previous yr, in accordance with Verizon. There was a 34% annual enhance in vulnerability exploitation this yr, whereas staff had been concerned in 60% of breaches, pushed by credential compromise and social engineering.

Learn the Full Article on Darkish Studying