Faced with multiple threats, cybersecurity teams are crying out for exhaustion


Alexander Boero

August 31, 2022 at 11:35 a.m.

8

burnout © Pexels / Nataliya Vaitkevich

© Pexels/Nataliya Vaitkevich

cyber extortion, deepfakes and others… IT teams are for many out of breath, with a phenomenon of exhaustion reinforced by a geopolitical context that is delicate to say the least.

The world of cybersecurity has been in turmoil for several years, due in particular to the professionalization of attackers, the COVID-19 pandemic and the growing number of potential victims. But since Russia invaded Ukraine, there has been a massive upsurge in cyberattacks, as 65% of industry professionals say in VMware’s latest annual security report. The consequence is unfortunate for the women and men of cyber, who bring up a state of exhaustion.

Worrying depletion of cyber forces

The main data to take away from the study is that of the burnout of IT teams, which seems to be becoming a recurring and worrying problem. In the past twelve months, for example, 47% of IT teams surveyed said they had reported the burnout of one or more of their limbs, citing extreme pressure as the main motive.

69% of employees surveyed even admit having considered leaving their position. So how to prevent these burnouts and other situations of spite? Two-thirds of companies aware of the phenomenon indicate that they have launched internal programs to improve the well-being of cyber employees. But what do they have to fight?

In question ? The multiplication of attacks and their diversity

On the way to a better fight against cyberattacks, companies will have to take several parameters into consideration. ” Our report reveals that two-thirds of respondents have seen the use of deepfakes as part of an attack, up 13% from the previous year, with email also the vector of choice. Cybercriminals are no longer limited to video or synthetic voice technologies in their influence or disinformation operations. Now they are using deepfakes to compromise organizations and gain access to their environments says VMware’s director of cybersecurity strategy, Rick McElroy.

In addition to deepfakes, cyber extortion strategies abound today, especially among ransomware authors, whose attacks are facilitated by collaboration between cybercriminal groups. 57% of respondents say they have been victims of such an attack in the past 12 months.

APIs (application programming interfaces) have also become a prime target for hackers, with companies increasingly using them to boost their growth. The attackers indeed decide to compromise the security of the APIs. 42% of respondents say hackers choose to reveal sensitive data first or favor SQL and API injection attacks. Distributed denial of service attacks come next.

Finally, companies still struggle to understand lateral movements, which account for 25% of all attacks. Cybercriminals can switch from scripting hosts to file storage systems, PowerShell or professional communication platforms. Attackers use everything at hand to study their targets’ networks in depth. Better to have the greatest possible visibility of today’s expanded attack surface, to face the worst scenarios.



Source link -99