This morning, VMware Carbon Black released its latest Global Incident Response Threat Report (GIRTR). Now in its fourth edition, the GIRTR is written in partnership with VMware Carbon Black’s incident response (IR) partner ecosystem and aggregates input from top IR experts to give you, the reader, a full scope of what these security leaders are seeing in real time.
Geopolitical tension is, once again, playing out in cyberspace. According to our report, top IR professionals around the world say ongoing geopolitical tensions involving China, Russia, North Korea and Iran are leading to cyberattacks.
Click here to download the full report from VMware Carbon Black
It’s clear the axis of evil in cyberspace is alive and well. The majority of today’s cyberattacks now include tactics such as lateral movement, island hopping and destructive attacks. Advanced hacking capabilities and services for sale on the dark web compound the issue, as does an unprecedented collaboration among nation-states.
These realities pose a tremendous risk to targets with decentralized systems protecting high-value assets, including money, intellectual property and state secrets. Targets who fail to increase their defenses accordingly are paying an ever-steeper price, as the frequency of destructive attacks continues to climb, according to the research. Financial gain drove most attacks in 2019, the research found, but IR professionals said they are also concerned about these same tools being deployed to interfere with the U.S. elections in 2020.
Click here to download the full report from VMware Carbon Black
Among some of the key findings from the latest report:
China and Russia are responsible for the lion’s share of cyberattacks in 2019. When asked which country accounted for the most attacks, IR professionals said Russia (29%) and then China (18%), followed by North America (11%) and North Korea (4%).
Click here to download the full report from VMware Carbon Black
Among respondents working in the U.S., 59% said risk around election process and security has increased to a significant extent since 2016. Within that same group, 65% said they believe the 2020 U.S. elections will be influenced by an outside entity.
Financial gain was the primary motivation for 90% of attacks, a sharp increase from 61% in the first half of 2019 and a shift from previous years, when intellectual property theft and stealing customer information topped the list.
There has been a continued rise in attackers using island hopping (41% of total attacks, up 5% since Q1 of 2019) and lateral movement (steady at 67% of attacks, well above 2018 averages).
Attackers are adapting. Custom malware was used in 41% of attacks, up from 33% in Q1 of 2019. The use of commodity malware has seen a slight decline, from 57% last quarter to 54%.
Voter databases from previous elections are readily available from high-reputation vendors on the dark web for less than $100. In total, from a single listing, information on more than 81 million voters is currently available for sale.
Click here to download the full report from VMware Carbon Black
The post VMware Carbon Black Threat Report: One Year Out From the 2020 U.S. Elections, Geopolitical Tension Continues to Spawn Cyberattacks appeared first on VMware Carbon Black.