Though many incidents stemmed from familiar security failures, they served up — or resurfaced — some important takeaways.
September 22, 2021
Data breaches can have many causes, but most of them boil down to an organization failing to do something or detect something they should have if they had been following security best practices.
Even so, these attacks can reveal a lot about the bad guys' tactics, techniques, and procedures, the state of malware, and developing trends on the threat horizon.
Many ransomware attacks, for instance, might have the same root cause — like a poorly configured RDP server that provides an initial foothold on the network, or a user clicking on a malicious attachment and downloading malware on their system. Yet today's ransomware attacks are very different from those of even a year ago. Many involve double- and triple extortion schemes where attackers not only encrypt data but also use data theft and denial-of-service attacks as additional forms of leverage. As a result, the impact of ransomware attacks — and the responses to them — are different today than they might have been just a year ago.
Similarly, while phishing continues to be one of the most common initial attack vectors, phishing schemes themselves have become a lot more sophisticated and targeted, with many attacks now combining the use of email, text messages and phone calls.
Here's a look at some breaches or clusters of similarly themed attacks over the past year that served up (or resurfaced ) some key lessons for security leaders.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024