MIL-OSI Economics: A deep dive into the most interesting incident response cases of last year

Foreign Affairs – MIL-OSI Publisher
In 2023, Kaspersky’s Global Emergency Response Team (GERT) provided insights into a range of cyber threats, chiefly ransomware, with significant activity observed in the government sector, which needed digital forensics and incident response services.
The report highlights cases of insider fraud where internal services were exploited for financial gain, resulting in losses exceeding $20 million in one instance.
Investigations revealed abuse of internal systems via VPN access, where legitimate user privileges were misused for unauthorized transactions.
Kaspersky also examined an attack in which known software masqueraded as legitimate system services and was used to maintain persistent access within a corporate environment.
This involved leveraging tools like certutil and exploiting configuration settings in applications like Zabbix.
Notably, the attackers deployed an ICMP backdoor for covert data transfer.
Moreover, a spear-phishing attack targeting a financial company demonstrated how attackers bypassed multi-factor authentication (MFA) controls, leading to the compromise of privileged user accounts and unauthorized financial transactions.
Through these analyses, GERT identified key MITRE ATT&CK techniques used by threat actors, highlighting methods in credential access, persistence, and evasion tactics.
The report emphasizes the importance of continuous monitoring and response strategies integrated within cybersecurity programs to detect and mitigate threats effectively.
GERT’s work underscores the evolving complexity of cyber threats, advocating for robust monitoring systems like Managed Detection and Response (MDR) to enhance defense capabilities.
Additional insights and case studies are available for those interested in Kaspersky’s comprehensive Incident Response practices.
Link: https://foreignaffairs.co.nz/2024/09/03/mil-osi-economics-a-deep-dive-into-the-most-interesting-incident-response-cases-of-last-year

