Cyber experts at the SANS Institute have revealed the five most dangerous new attack techniques used by attackers, including cybercriminals and nation-state actors. They were presented in a session at the RSA Conference in San Francisco, where a panel of SANS analysts explored emerging tactics, techniques and procedures (TTPs) and advised organizations on how to prepare for them.
The SANS Institute is a leading cybersecurity training, certification, degree and resource company that aims to equip cybersecurity professionals with practical skills and knowledge.
The session, titled "The Five Most Dangerous New Attack Techniques," featured four prominent SANS panelists who provided actionable insights to help security leaders understand and stay ahead of evolving threats. The five emerging cyber attack vectors the speakers covered were adversarial AI, ChatGPT-powered social engineering, third-party developer, SEO, and paid advertising attacks.
Adversarial AI attacks
With adversarial AI attacks, threat actors manipulate AI tools to amplify the speed of ransomware campaigns and identify zero-day vulnerabilities in complex software, said Stephen Sims, SANS Fellow and Curriculum Lead for offensive cyber operations. From streamlining malware coding processes to democratizing social engineering, adversarial AI has changed the game for attackers, he added. In response, organizations must deploy an integrated defense-in-depth security model that provides layered protections, automates critical detection and response actions, and facilitates effective incident management processes.
Social engineering powered by ChatGPT
In terms of social engineering powered by ChatGPT, threat actors are leveraging generative AI to exploit human risk, targeting the vulnerabilities of individual employees to breach their organization’s network, including their families, according to SANS Fellow Heather Mahalik.
This development means users are now more easily attackable than ever, and it only takes one wrong click on a malicious file to put not only an entire company at risk, but also the victim’s livelihood, Mahalik said. This expanded attack surface requires organizations to foster a culture of cyber vigilance across the fabric of their enterprise to ensure employees are aware of ChatGPT-related attacks.
Attacks by third-party developers
The next most dangerous attack technique explored was third-party developer attacks (also known as software supply chain attacks), primarily an increase in attacks targeting third-party software developers to infiltrate business networks through the supply chain, said Dr. Johannes Ullrich, dean of research at the SANS Technology Institute. This played out significantly in the 2022 LastPass breach, where a threat actor exploited third-party software vulnerabilities to bypass existing controls and gain access to privileged environments. For organizations in all industries, the attack underscored the importance of working effectively together with software developers to align security architectures, share threat intelligence and navigate evolving attack techniques, Ullrich said.
SEO attacks and paid advertising attacks
SEO attacks are another dangerous and emerging attack method, as are paid advertising attacks, said Katie Nickels, a SANS-certified instructor. According to Nickels, new SEO and advertising attacks (also called malvertising) are leveraging core marketing strategies to gain early access to business networks. In these cases, threat actors use SEO keywords and paid ads to trick victims into engaging with fake websites, downloading malicious files, and allowing remote user access.
Such attacks show proactivity on the part of malicious attackers, who are increasingly moving away from traditional attack techniques that have become easier to defend against, Nickels said. These two attack vectors increase the importance of incorporating scalable user awareness training programs adapted to new threats.
Copyright © 2023 IDG Communications, Inc.
With the dramatic increase in cyber-attacks over the past few years, hackers have become more creative and sophisticated with their malicious techniques. As new attack methods emerge, it’s imperative to be aware of the most dangerous ones, so that safety measures can be taken to protect against potential damages. Therefore, at Ikaroa, we have prepared a list of the five most dangerous new attack techniques that you should become aware of today.
1. Credential Stuffing: Credential stuffing is a common attack method used by cybercriminals. It’s a process in which hackers gain access to a data set of usernames and passwords and attempt to use them to gain access to multiple accounts or websites.
2. Social Engineering: Social engineering is the art of manipulating people into performing certain actions or revealing confidential information. It consists of online scams, phishing emails and malicious downloads, among other techniques.
3. Cryptojacking: This type of attack occurs when a hacker infiltrates a computer system and mines cryptocurrency without the owner being aware. It’s a way for cybercriminals to generate revenue without the legitimate user’s consent.
4. Ransomware Attacks: This type of attack consists of hackers blocking access to a user’s data and demanding a ransom payment in order to restore the data.
5. DDoS (Distributed Denial of Service): This attack method consists of flooding a website or network with a huge amount of traffic, in order to render it inaccessible to its intended users.
Overall, it’s important for users to remain aware of the evolving attack techniques in order to protect themselves from potential damages. By taking the proper security measures, such as strong authentication, password protection and regular software updates, users can help make sure their data is secure. To protect your data, contact Ikaroa today.