iscover
ReporterShare this article on:
Powered by
MOMENTUM
MEDIA
New cyber attack research from F5 Inc in collaboration with Effluxio has found 80 per cent of incidents reported to the F5 Security Incident Response Team in ANZ during 2021 so far have been DoS (Denial-of-Service) attacks, with the financial industry being hit the hardest.
Additionally, incidents targeting user profiles and remote administrative tools were seen alongside criminals launching sophisticated campaigns designed to seek out and target vulnerable business executives.
Attackers have developed the capabilities to do extremely deep research on personas inside of organisations, according to David Arthur, security solutions architect at F5 Inc.
"While these attacks are not always targeting a C-level executive, it could be a pathway to them such as a personal assistant, with the express purpose of reaching those who are the most vulnerable to exploitation.
"We've even had cases of cyber criminals impersonating elite, military intelligence groups in an attempt to extort businesses.
"Of course, if you're not somebody who's living and breathing security, you'll be unfamiliar with how these groups operate, which is what they're counting on," Arthur said.
The research also uncovered APCJ to be the global leader in reported DoS attacks from 2018-21, as criminals focused their attention on regions and markets such as ANZ, which are viewed as easier and more vulnerable targets.
Arthur explains that the reason we've seen such a spike in DoS incidents across APCJ and ANZ is other regions tend to have their defences already primed to deal with these attacks.
"Organisations have finite resources, and with the rate new technology is entering the market, you can't solve every single problem to the highest level that you'd want to."
Findings also revealed financial services had 78 per cent more authentication attacks, dwarfing other industries such as government and services providers, in addition to more than 45 million scans targeting port 5900, the network port responsible for VNC, a popular desktop sharing and remote access control application.
According to Malcolm Heath, senior threat researcher at F5 Inc, attacks targeting remote access solutions were already showing up in the data well before COVID, but it skyrocketed after the pandemic began.
"What you had was the use of fast, cheap and easy ways to provide remote access to employees who were suddenly working from home, and attackers realised that and just followed right along.
"These systems are not always subject to a company's password requirements, so you end up with individual employees setting basic passwords such as 'ABC 123', and there you go, it's as if I'm sitting right at your desk.
“It’s clear that attackers are quick to adapt to change in the world and will move quickly towards the newest, weakest links. For every new service or change to our environments, we must consider how attackers can use this to their advantage, and reconsider our defences as well,” Heath concluded.
[Related: Nikki Saunders appointed as Schneider Electric cyber security ecosystem program manager]
Be the first to hear the latest developments in the cyber industry.
