Endpoints continue to be the main victims of cyber attacks to violate the security of companies. The confirmation comes from the “Quarterly Threat Insights Report” Of HP Wolf Securitywhich highlights how the new ones techniques used by cybercriminals evolved in the last quarter of 2021.
The main risks come from a series of attacks that exploit the Excel functionality to bypass detection and gain access to target companies, exposing them tol data theft and ransomware attacks. HP Wolf Security reports, for example, the case of a hacker campaign which used i file add-in di Microsoft Excel (.xll) to spread malware with a click. The increase in attacks has grown sixfold (+ 588%). There were also other excel campaigns that used hidden techniques such as thread hijacking emails to trick users into clicking. As well as the Emotet campaign which now leverage Excel instead of JavaScript or Word files.
Faced with the new wave of attacks, experts urge companies to configure email gateways to block .xll attachments inbound, only authorize add-ins certified by trusted partners and completely disable proprietary add-ins. Furthermore, the most effective defense against this type of campaign is the adoption of filosofia Zero Trust to restrict the area accessible to attacks and limit damage. The research also reveals another important pitfall attributable to a Counterfeit Discord installation websitewhich prompted visitors to download theinfostealer RedLine and steal their credentials.
In another report, also produced by HP Wolf Security, it is highlighted instead that the exponential increase in cyber attacks is mainly linked to remote work. In fact, according to the research “Out of Sight & Out of Mind“, An increasing number of end users purchase and connect unauthorized devices outside the remit of the corporate IT team, making them more vulnerable to phishing attacks and other “social engineering” tricks. All of this has a significant impact on IT support, which therefore becomes more complex, time-consuming and expensive.
The research, which sampled data from over 8,400 workers in smart working comparing them with those of 1,100 IT decision makers, it finds that 45% of employees have purchased IT equipment to support remote working. But 68% said safety didn’t play a major role in their purchasing decisions. Another 43% did not have their laptop or PC checked or installed by IT and 50% said the same for a new printer.
As a result, phishing attacks have become more effective. Not surprisingly, 74% of IT teams who say they have seen an increase in the number of employees opening malicious links or email attachments in the past 12 months. 40% of users between the ages of 18 and 24 say they have clicked on a malicious email, and nearly half said they have done so more often since working from home. Of the employees who reported clicking on a link, 70% did not report it to IT, with 24% saying it wasn’t important, 20% citing the “hassle factor” and 12 % who feared being punished.
“People are often unaware that they have clicked something malicious, so the real numbers are probably much higher,” he comments. Ian Pratt, global head of security for personal systems, HP Inc. “Hackers do not always announce themselves, as it has proved more profitable to implement the so-called“ long game ”to move across and infiltrate higher-level infrastructures. For example, using cloud backups to steal sensitive data in bulk, encrypting the data on the servers, and then demand a multimillion-dollar ransom “.
Now, HP Wolf Security notes, IT teams are focusing on responding to security incidents and patching, even though 77% say the time it takes to react to a threat has increased as a result of remote working. , which inevitably led to even greater pressure on the corporate ecosystem. “As IT management becomes increasingly complex, security support is becoming unmanageable. A new security architecture is therefore needed that not only protects against threats, but above all allows cybersecurity teams and users to work safely. By applying the principles of Zero Trust, companies can design resilient defenses to keep the business safe and quickly restore business in the event of a compromise, ”concludes Pratt.