Blog

Get news about our products, which events we are attending plus industry insights and commentary

Attackers only care about what is effective

Written by Sarah Chandley on Tuesday, 25 September 2018. Posted in Cyber

…they do not care about vulnerability scores.

The point being that attackers and attacks are constantly changing, often moving at a pace that cyber defenders cannot keep up with, because in order to remain profitable and/or notorious, criminals need to remain one step ahead. Value from illegal online activity can be measured in different ways but almost always it’s about direct financial gain derived from the sale of stolen private data or payments from ransomware.

Attackers are using automation to increase their reach, employing tools that do the heavy lifting during an attack. Automation allows criminals to find vulnerable servers faster but the main attack is still perpetrated by a human. However, as automated bots increase in sophistication the human element of an attack is likely to decrease with time. Metasploit has been a popular platform for years, used by both testers and hackers but now we have AutoSploit. A new tool that is a combination of Metasploit and Shodan, which automates the search and subsequent hacking of susceptible remote hosts.

 

The ‘Things’ in IoT is not only IT, not only transport, home or communications, it’s everywhere. There are now more IoT devices than people. It’s an attractive target.

We can mitigate against some of this by good design practice, but it’s a struggle. We need operational cultures that are rooted in data and cyber security. We need the help of ethical hackers to identify vulnerabilities (see Barnaby Jack, “You have to demo a threat to spark a solution”) and we need complete visibility and analysis of the flows of data in our large-scale networks so we can hunt for anomalies and where appropriate remove dangerous and harmful activity. 

If a threat is inside your network, you need to be able to see it to take action. If you have data in motion of multiples of 10GbE or multiples of 100GbE we can help. Telesoft provides complete network visibility, analysis, anomaly detection and alerting. At scale. To find out more This email address is being protected from spambots. You need JavaScript enabled to view it..

About the Author

Sarah Chandley

Sarah Chandley

Sarah is an experienced B2B technology marketing professional, creating content for the Cyber Security, Telco and Government Infrastructure sectors. 

Information cookies

Cookies are short reports that are sent and stored on the hard drive of the user's computer through your browser when it connects to a web. Cookies can be used to collect and store user data while connected to provide you the requested services and sometimes tend not to keep. Cookies can be themselves or others.

There are several types of cookies:

  • Technical cookies that facilitate user navigation and use of the various options or services offered by the web as identify the session, allow access to certain areas, facilitate orders, purchases, filling out forms, registration, security, facilitating functionalities (videos, social networks, etc..).
  • Customization cookies that allow users to access services according to their preferences (language, browser, configuration, etc..).
  • Analytical cookies which allow anonymous analysis of the behavior of web users and allow to measure user activity and develop navigation profiles in order to improve the websites.

So when you access our website, in compliance with Article 22 of Law 34/2002 of the Information Society Services, in the analytical cookies treatment, we have requested your consent to their use. All of this is to improve our services. We use Google Analytics to collect anonymous statistical information such as the number of visitors to our site. Cookies added by Google Analytics are governed by the privacy policies of Google Analytics. If you want you can disable cookies from Google Analytics.

However, please note that you can enable or disable cookies by following the instructions of your browser.