Most criminal activity is designed to elicit a payoff for the perpetrator, and crime on the Internet is no different. As new surfaces emerge, previous attacks are reconstituted and applied. Cybersecurity tends to follow a cycle, once you know when and what to look for. To (poorly) paraphrase Bob Dylan: You don't need a weatherman to know which way the wind blows. You just need the experience of being around for a few of these cycles.
The New-New ThingWhen we think about cybersecurity threats and associated mitigations, there are three key factors to consider:
Attack Surface: The thing that an attacker attempts to compromise, such as a laptop, smartphone, or cloud compute instance.
Attack Sophistication: The methods and attack types, including persistence, zero-days, phishing, and spear phishing.
Threat Actors: Who the attackers are and their implied motivations, like nation-states seeking intellectual property or organized crime engaged in ransomware.
The attack surface is like the universe: in a perpetual state of expansion. While your laptop is (hopefully) running a recent operating system version with (kind of) timely patches, there's a good chance that your bank's ATMs are running Windows XP. But after Microsoft retired XP support in 2014, 95% of ATMs were still running the operating system. That number hadn't improved much four years later and hackers were gleefully demonstrating these machines spewing cash. This means an IT security team must live in the past and the future.
A solution to a modern problem can introduce a new set of challenges: a new ..
Support the originator by clicking the read the rest link below.
