BlueVoyant, the cybersecurity company that evaluates, authenticates, and mitigates internal and external risks, has recently shared the findings of its second external cyber defence trends report. The report draws attention to the emerging risks organisations face outside their usual IT perimeters.
According to Joel Molinoff, the global head of supply chain defence at BlueVoyant, "Organisations attack surfaces are ever expanding, and cyber threat actors are adapting their strategies to exploit new avenues of vulnerabilities." He further remarked on the purpose of this research, stating that BlueVoyant's aim was to "shine a light on the attack vectors organisations need to be aware of and recommended actions to help prevent the latest threats."
Digital businesses are undergoing a significant transformation, thanks to Artificial Intelligence (AI)'s ability to generate content efficiently. Regrettably, cyber criminals are also beginning to use AI to craft more successful phishing campaigns. Ron Feler, BlueVoyant's global head of threat intelligence, suggested that "the increasing use of AI tools" was intensifying the volume of cyber attacks, which in turn was making "defenders' jobs more challenging."
The report highlights several focal areas. Firstly, the use of online advertisements as attack vectors is noted, with multiple instances of threat actors using search engine ads as phishing distribution traps. This strategy involves luring unsuspecting victims to malicious websites disguised as reputable financial institutions in the United States, United Kingdom, and Eastern Europe.
The study also examined the increasing use of AI by cyber criminals. It was found that while AI doesn't fundamentally alter the manner in which threat actors carry out attacks, security teams should be conscious of how their adversaries are using AI to optimise their workflow and facilitate brand abuse. In addition, the report states that better email security is necessary as many organisations are leaving themselves vulnerable to email-based threats by not enabling all key components that secure the authenticity and integrity of messages.
Furthermore, the report underscores the ongoing need to patch systems quicker. In their first report, BlueVoyant found that organisations were often slow to patch systems despite attackers exploiting new vulnerabilities at an increasing speed. Subsequently, there is a higher stakes race between threat actors and defenders following a disclosure.
The main findings of the report were assembled using trend data queries from BlueVoyant's Supply Chain Defence and Digital Risk Protection solutions. Accordingly, Supply Chain Defence is a fully-managed solution that constantly scans clients' vendors, suppliers, and other third parties for any vulnerabilities. It then collaborates with these third parties to promptly resolve any issues identified. The platform uses similar techniques to those employed by external cyber attackers to profile prospective targets and to identify enterprise’s internet-facing software vulnerabilities and other exploitable opportunities.
On the other hand, Digital Risk Protection identifies threats against clients, employees, and business associates on the clear, deep, and dark web plus instant messaging applications. Using DNS data sets and cyber crime channels, the platform keeps up-to-date with the latest cyber attacker techniques, tactics, and procedures, providing unlimited external remediation to prevent financial loss and reputational damage.