New research by Barracuda has highlighted how today’s hackers are using old-fashioned tactics vulnerability of security to attack and target companies. In this way they aim to achieve remote control of systems, install malwaresteal information, disrupt or disable business processes through attacchi denial-of-service.
The results are based on a 3-month analysis of data collected by the Intrusion Detection Systems (IDS) used by the Barracuda Security Operations Center (SOC), part of Barracuda XDR. IDS tools they provide both a timely warning system for potential attacks, and highlight the weak points targeted by criminals and the most used tactics.
Established Tactics Versus Old Vulnerabilities: What the Research Finds Hackers are trying to gain remote control of vulnerable systems using a tactic dating back to 2008. This allows them to exploit a misconfigured web server to to acquire data, such as application code or sensitive operating system files, to which they should not have access. Another technique being studied to achieve remote control dates back to 2003. It involves trying to insert specially created malicious code into legitimate processes. This allows criminals to read sensitive data, modify operations and send instructions to the operating system. Other established methods target i bug programming languages that developers use to create applications integrated into popular web-based systems or middleware that processes data. For example when a user adds an item to their cart while shopping online. Potentially, therefore, the scope of a successful attack using these tactics is very large. Established Tactics and Old Vulnerabilities IT criminals seek to get hold of sensitive information by attacking vulnerable servers to obtain passwords or user lists. Or by maliciously exploiting legitimate processes to find out how many computers connected to a network have an active IP connection. These operations can help plan and prepare for a larger attack. Hackers also seek to cause widespread chaos, outages, and denial-of-service. And this by altering the online data traffic packets, making them too small or fragmenting them so as to overload and block the communication channels and destination servers.
Take a layered approach to security
Merium Khalid, Senior SOC Manager, Offensive Security di Barracuda XDR
Cyber flaws do not have an expiration date. There is a risk that, over time, they will therefore become more difficult to detect and mitigate, reduced to shadow vulnerabilities, deeply embedded in a system or application. Attack tactics need not be new or even sophisticated to be successful.It is essential to adopt a layered approach to protection, consisting of several layers of detection and analysis that go deeper and deeper. Know what vulnerabilities lurk in an IT environment, who could target them, and how is as crucial as the ability to respond to and mitigate these threats.