Cyberattackers are exploiting SPoF to cast a wider net of chaos
When it comes to insurance, CyberCube suggests the market should pay attention to threats from Chinese APTs.
Cyberattackers are learning to work smarter, not harder, and are increasingly focusing on infiltrating targets by utilizing Single Points of Failure (SPoF). SPoF are hot targets for hackers because once they have gained access to these points, they are then able to gain access to interconnected entities. Bad actors have found ways to exploit these points to create a large network of compromised infrastructure that allows them to commit cyberattacks, including espionage.
CyberCube recently released their latest Global Threat Briefing, in which they identified companies utilizing SPoF tech in the Forbes 1000 group who are known targets of Russian state-sponsored APTs. The majority of these targets, they found, are in the U.S. and Europe, with 257 Forbes 1000 companies in the U.S. alone using SPoFs they’ve deemed risky. Russian state-sponsored Advanced Persistent Threats (APT) are exploiting at least 13 technologies, including Microsoft Exchange, Oracle WebLogic and Citrix, and utilizing them as SPoF in their cyberattacks, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA).
It isn’t just large companies being targeted, either. CyberCube found ransomware attacks are focusing on lower-profile operations, which means small and medium-sized businesses are becoming more tempting targets for bad actors – especially those involved in healthcare, agriculture and the food supply chain.
When it comes to insurance, CyberCube suggests the market should pay attention to threats from Chinese APTs. They determined this by examining which companies in the Global Russell 3000 portfolio are using SPoFs, including Cisco, Citrix, Fortinet, Mikro Tik and Pulse, are susceptible to Chinese APT attacks.
In their report, CyberCube also warns more cyberattacks should be expected in the maritime sector. Events like shipping lane blockages and ransomware port attacks over the last two years have contributed to the ongoing supply chain issues that have occurred worldwide. These criminals jump at the chance to take advantage of a company in chaos, and have increasingly been targeting operational technology onboard cargo ships.
Shipping infrastructure casts a wide net, and so gaining access to the workings of vessels can lead bad actors through the connected systems, including those that manage power, handle communications, sound alarms and navigate.
While checking the cybersecurity procedures of any vendor you use and investing in cyber insurance are important steps in preventing your business or agency from becoming a victim of a SPoF attack, the CISA suggests four simple actions:
- Implement multi-factor authentication on business and employee accounts.
- Keep your software updated. It’s best to just turn on automatic updates to prevent missing any security patches or other important updates.
- Think before you click. Phishing emails are responsible for starting more than 90% of cyberattacks.
- Use strong, unique passwords.