Cyber Security

Trusted Relationships: A Central Component in Defending Against Prolonged Cyberattacks, Says Experts 

195
(source: Kaspersky)

According to the Kaspersky Incident Response 2023 report, over 1/5 of cyberattacks in 2023 lasted more than a month. Trusted relationships were identified as a key attack vector in these prolonged cases. 

The Kaspersky Incident Response 2023 report shows that cyberattacks lasting over a month increased by 5.55% from 2022, accounting for 21.85%. There’s a notable trend of exploiting trusted relationships, making up 6.78% of the attacks.

This attack method allows threat actors to access multiple victims by compromising a single organization, posing several extra challenges for investigative teams. Initially, organizations that are targeted may not fully understand the significance of thorough investigations and may be hesitant to collaborate.

Secondly, attacks from trusted relationships often take longer to progress, with 50% lasting over a month. A similar proportion of attacks exceeding one month were only seen in insider and phishing vectors.

“In 2023 and for the first time in recent years, attacks through trusted relationships were among the three most used vectors. Half of these incidents were discovered only after a data leak had been found. By exploiting trusted relationships, threat actors can prolong attacks and infiltrate networks for extended periods, posing significant risks to organizations. It’s imperative for businesses to remain vigilant and prioritize security measures to safeguard against such sophisticated tactics,” commented Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky.

To mitigate the risks highlighted in the report, Kaspersky recommends:

  • Foster a culture of security awareness among employees.
  • Restrict public access to management ports.
  • Enforce a zero-tolerance policy for patch management or implement compensatory measures for public-facing applications.
  • Back up critical data to minimize damage.
  • Implement robust password policies and multifactor authentication.
  • To enhance your company’s protection against advanced attacks and detect attacks at earlier stages, adopt managed security services such as Kaspersky Managed Detection and Response (MDR).
  • In case of suspicious activities that can lead to breaches or incidents that have already occurred, seek the help of cybersecurity experts who provide services such as Kaspersky Incident Response.

To learn more, read the Incident Response 2023 report in this link.

Written by
Tech Beat Philippines

Tech Beat Philippines is the social media news platform for all things technology. It is also a part of the GEARS section on Daddy's Day Out.

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Daddy’s Day Out is a platform that celebrates modern masculinity and offers a space where men can unite, learn, and grow together. It fosters a community where authenticity, support, and self-expression thrive unapologetically.

Related Articles

Kaspersky Cybersecurity Products Dominate 2024 Performance Rankings

Kaspersky continues to set the standard for excellence in cybersecurity. Throughout all...

Filipinos Must Stay Alert Amid Holiday Cybercrime Surge, Advises Kaspersky

As the holiday season approaches, many Filipinos are shopping online, exchanging gifts,...

Kaspersky Named Leader for its Managed Security Services and Incident Response

Kaspersky has been recognized as a technology leader in the 2024 Quadrant...

Businesses in Southeast Asia Face Over 23 Million Bruteforce Attacks in 2024, Reports Kaspersky

Kaspersky reported a massive record of over 23M bruteforce attacks targeting businesses...