Corporate espionage, also known as industrial espionage, is espionage conducted for commercial or financial purposes. One of the common misconceptions is that espionage is affecting only large corporations or government entities, but it is more common than expected. In this article, we provide an analysis of one such exfiltration and explain why these attacks are on the rise.
In the last few years, we have seen a dramatic shift in the level of sophistication of cyber attacks, mostly thanks to the introduction of the profit-sharing business model for financially motivated threat actors. However, not all stages of the kill chain have received the same attention from threat actors – the focus has been mostly on developing the attack after the initial compromise, focusing on reconnaissance, lateral movement, and extortion methods. The three attack vectors are still dominating the initial compromise:
Leaked or default/weak credentials (62% of actionable alerts by our Managed Detection and Response service)
Phishing attacks
Vulnerability exploits
But one of these things is not like the others. Vulnerability exploits are not relying on the human element, instead, they are using automated scanners to identify and compromise internet-facing systems with unpatched vulnerabilities. According to the latest Data Breach Investigations Report 2022 (DBIR 2022), the number of security breaches caused by vulnerability exploits has doubled in the last year. This trend can be explained by the increased popularity of hybrid attacks – a type of attack where the initial compromise is opportunistic and relies on automa ..
Support the originator by clicking the read the rest link below.
