Napovedna analiza lahko zmanjša tveganja, povezana s kršitvami podatkov

Sporočilo za javnost

Helsinki, Finland – October 5, 2023: Thanks to the increasing professionalization of cyber crime, predicting the actions of attackers based on profiling is becoming more challenging for cyber security practitioners. To help address the challenge, WithSecure™ (formerly known as F-Secure Business) has published a new study that demonstrates an alternative model of predicting how attacks unfold.

In recent years, the cyber crime industry has become increasingly service-oriented*, where different threat actors provide specialized services to one another. Consequentially, it’s become increasingly difficult for security analysts to understand attackers and the threat they pose based strictly on their use of a particular tactic, technique, or procedure (TTP).

It’s a trend that WithSecure™ Intelligence Senior Researcher Neeraj Singh says is likely to get worse.

“You also have to consider that attackers are constantly expanding their toolkits to include new resources to use in attacks. That means they have more avenues to pursue an attack than ever before. These types of changes make traditional profiling techniques, where you understand and predict specific types of attacks by associating them with particular TTPs or toolsets, less effective,” he explained. 

A new WithSecure™ study on common tactics and toolsets observed in data breaches demonstrates an alternative approach to predicting how cyber attacks can unfold.

Using data collected from cyber attacks observed by WithSecure™ in 2023, researchers were able to correlate tactics/toolsets used together in attacks—correlations that provide a foundation for further analysis.

For example, researchers found that both discovery and collection commonly lead to exfiltration and command and control tactics, indicating adversaries’ reliance on information that’s gathered and stolen from the victim’s machines and sent back to the attackers’ to perform their next steps in an attack lifecycle.

According to Singh, correlations like these can provide a sound basis for making further predictions about different attack paths taken during attacks.

“Machine leaning can build on traditional data analysis techniques to train predictive models that can determine the likelihood of different tactics and toolsets being used on different premises. That’s the kind of preparation that organizations can use to begin reducing the risk of attackers using certain approaches against them,” explained Singh.

Študij, Unveiling the Arsenal: Exploring Attacker Toolsets and Tactics, contains information about the most common tactics and toolsets observed in attacks during 2023, walkthroughs for a variety of security incidents investigated by WithSecure™, and security advice for organizations. The full study is available at https://www.withsecure.com/en/expertise/research-and-innovation/research/unveiling-the-arsenal-exploring-attacker-toolsets-and-tactics.

* Vir: https://www.withsecure.com/en/expertise/research-and-innovation/research/the-professionalization-of-cyber-crime

O WithSecure™
WithSecure™, prej F-Secure Business, je zanesljiv partner kibernetske varnosti. Ponudniki storitev IT, MSSP in podjetja – skupaj z največjimi finančnimi institucijami, proizvajalci in na tisoče najnaprednejših ponudnikov komunikacij in tehnologije na svetu – nam zaupajo kibernetsko varnost, ki temelji na rezultatih in ščiti in omogoča njihovo delovanje. Naša zaščita, ki jo poganja umetna inteligenca, varuje končne točke in sodelovanje v oblaku, naše inteligentno zaznavanje in odziv pa poganjajo strokovnjaki, ki prepoznavajo poslovna tveganja s proaktivnim lovom na grožnje in soočanjem z napadi v živo. Naši svetovalci sodelujejo s podjetji in tehnološkimi izzivalci, da bi zgradili odpornost z varnostnimi nasveti, ki temeljijo na dokazih. Z več kot 30-letnimi izkušnjami pri izdelavi tehnologije, ki izpolnjuje poslovne cilje, smo zgradili svoj portfelj za rast z našimi partnerji prek prilagodljivih komercialnih modelov.

WithSecure™ Corporation je bila ustanovljena leta 1988 in kotira na NASDAQ OMX Helsinki Ltd.

• Distribucija vsebine in PR s pomočjo SEO. Okrepite se še danes.
• PlatoData.Network Vertical Generative Ai. Opolnomočite se. Dostopite tukaj.
• PlatoAiStream. Web3 Intelligence. Razširjeno znanje. Dostopite tukaj.
• PlatoESG. Ogljik, CleanTech, Energija, Okolje, sončna energija, Ravnanje z odpadki. Dostopite tukaj.
• PlatoHealth. Obveščanje o biotehnologiji in kliničnih preskušanjih. Dostopite tukaj.
• vir: https://www.darkreading.com/attacks-breaches/predictive-analysis-can-reduce-risks-associated-with-data-breaches