Sunday, November 29, 2020
Home Lead Story Cybercriminals Prefer Misuse of Authentic Software During Attacks, Says Report

Cybercriminals Prefer Misuse of Authentic Software During Attacks, Says Report

Cybercriminals often misuse legitimate tools in their attacks: Report

Cybercriminals widely use software developed for normal user activity, administrative tasks, and system diagnostics to avoid getting caught quickly after carrying out their attacks, warns a new report by cybersecurity firm Kaspersky.

Almost a third of cyber attacks that the Kaspersky Global Emergency Response team investigated in 2019 involved legitimate remote management and administration tools.

In total, the analysis of anonymized data from incident response cases showed that 18 various legitimate tools were abused by attackers for malicious purposes, according to the company’s new ‘Incident Response Analytics Report’.

The most widely used one was PowerShell. This powerful administration tool can be used for many purposes, from gathering information to running malware.

62 percent of Indian businesses surveyed provided additional training for their staff to learn how to avoid threats while working from home. Pixabay

Another tool, PsExec, was leveraged in 22 percent of the attacks. This console application is intended for launching processes on remote endpoints.

This was followed by SoftPerfect Network Scanner, which is intended to retrieve information about network environments.

It is more difficult for security solutions to detect attacks conducted with legitimate tools because these actions can be both parts of a planned cybercrime activity or a regular system administrator task.

“With these tools, attackers can gather information about corporate networks and then conduct lateral movement, change software and hardware settings or even carry out some form of malicious action,” Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky, said in a statement.

Cyber threat
India witnessed a fall in the number of cyber crimes in 2019. Pixabay

“It is not possible to exclude these tools for many reasons, however, properly deployed logging and monitoring systems will help to detect suspicious activity in the network and complex attacks at earlier stages,” Sapronov said.

To minimize the chances of remote management software being used to penetrate an infrastructure, organizations should restrict access to remote management tools from external IP addresses, the company recommended.

Also Read: Major Goal is to Identify Planets that Could Support Life: NASA

Moreover, they need to ensure that remote control interfaces can only be accessed from a limited number of endpoints, enforce a strict password policy for all IT systems and deploy multi-factor authentication, Kaspersky said.

It is better to follow the principle of offering staff limited privileges and grant high-privileged accounts only to those who need this to fulfill their job. (IANS)



Most Popular

25M Couples in India Had No Access To Contraceptives During Pandemic

The Covid-19 pandemic interrupted contraceptive access for an estimated over 25 million couples in India, said a report by the Joint United Nations Programme...

Puff-Throated Babbler Spotted in Rajasthan

The spotting of a new species of babbler bird has added a new dimension to Rajasthan's rich biodiversity. The small resident bird spotted in...

Holiday Homes Demand Increased During Pandemic

As the pandemic has significantly impacted the operations of businesses and people's working model, housing preferences also have changed and the demand for holiday...

Researchers Discover Galaxy Surviving Black Hole’s Hunger

Researchers have discovered a galaxy that has been managing to survive a black hole's hunger by continuing to birth new stars, about 100 Sun-sized...

Areas of Brain Promoting Patience Releasing Serotonin

Researchers have identified specific areas of the brain that individually promote patience through the action of serotonin, a chemical that the body produces. The research,...

Climate Change Resulting Decline in Arid Regions’ Vegetation

While climate change and rising global temperatures are leading to declining in vegetation in arid regions of the world's poorest countries, the situation appears...

Instagram Allows Advertisers Create Sponsored Ads From User Accounts

Facebook-owned Instagram is now allowing advertisers to create sponsored ads from user accounts and the feature is part of its update to branded content...

India’s Foreign Exchange Reserves Increase By $2.5 Billion

India's foreign exchange reserves rose $2.51 billion during the week ended November 20. According to the Reserve Bank of India's weekly statistical supplement, the reserves...

Recent Comments