Vintage Cybersecurity Attacks Reincarnated
By: Debbie Langeman, IBM Principal Technology Sales Leader, State of Florida and FTC Advisory Board Member.
IBM’s New Security Threats Report Contains Cyber Precautions for Florida’s Energy Industry
According to the U.S. Energy Information Administration, more than 9 in 10 Floridians now use electricity for home energy needs, consuming more than half (54%) of the electricity used in Florida. This represents the greatest share of any state. The good news? Florida is an energy powerhouse: the second largest producer after Texas and third in the nation in total solar power generating capacity.*
The bad news? Florida’s thriving energy industry is also at higher risk for cybercrime. Issued February 22, 2023, our IBM Security 2023 X-Force Threat Intelligence Index reveals that energy is the fourth most attacked industry by cybercriminals worldwide and the industry attacked most often in North America. In a hot and humid state like Florida, the thought of an energy and utilities cyber-attack is just as scary as the possibility of a CAT 4 hurricane.
Cybersecurity experts are constantly evolving ways to fight against changing threat landscapes and attack strategies. In 2022, the challenge grew even more intense as attackers employed both advanced and vintage methods.
Old Threats, New Disruptions
Energy IT systems, like those across other industries, are often difficult to patch, making them highly susceptible to older attack methods, which cybercriminals are increasingly exploiting. For example, a recent widespread attack, first flagged by Italy’s National Cybersecurity Agency, exploited a two-year-old vulnerability in VMware ESXi software and impacted over 3,800 organizations, including some within the State of Florida. The continued use of older exploits highlights the need for organizations to refine and mature vulnerability management programs, including a risk-based prioritization of patches.
Our new cyber threat report found another older trend, email-based attacks, being renewed by the widespread adoption of remote work. In 2022, phishing proved to be the go-to method for cybercriminals, representing 35% of cyberattacks in North America. Despite their long-standing presence, email-based attacks have evolved, becoming more difficult to detect. Thread hijacking is a good example of this evolution: attackers disguise themselves as trusted sources in recent email conversations, fooling friends, family, and coworkers into revealing sensitive information or granting access to systems. This technique is especially dangerous because it uses existing trust, making unsuspecting victims more likely to react quickly and click on malicious links.
To stay ahead of the curve, Florida organizations can take the following steps to increase their resilience against attackers and defend against old and new threats:
- Catch infections earlier by employing endpoint or extended detection & response technologies. These technologies provide the means to identify and mitigate threats before adversaries take more dangerous actions.
- Think like an attacker and know your attack surface. One third of attackable assets on organizations’ networks are unmanaged or unknown – offering easy targets for attackers and risking unintended data exposure. Discover where you’re exposed and the ways an attacker could get in with the least detection.
- Train for fast response. Accept that breaches are inevitable and set up methods for rapid response; speed is the biggest key to limiting the blast radius.
- Test regularly. Formulate a sophisticated offensive testing program that implements threat hunting, penetration testing, and objective-based red teaming to uncover weaknesses in your defenses. Perform these tests frequently. Challenge your assumptions about your threat coverage.
The resurgence of vintage attack methods underscores the practical impossibility of achieving complete coverage against cybercriminals. To best safeguard your business assets, it’s critical to deploy predictive and forward-looking technology while preparing for nimble response when—not if—a breach occurs.
To review the full report, see: https://ibm.biz/BdPG7N
*Source: U.S. Energy Information Administration, January 18, 2023