HP Cybersecurity Study Shows Things Have Gone From Bad to Worse

New data indicates attacks by state-sponsored hackers have doubled in the last three years


04/26/2021

Jamie Bsales

 

 

We all know that cybercrime has been a growing issue, and research released by HP shows just how bad the situation has become. A newly released study conducted by Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey, notes a rise in nation-state incidents deemed “significant” between 2017 and 2020. The research draws upon first-hand intelligence gathered from informants across the dark web, along with consultations with an expert panel of 50 leading cybersecurity practitioners. The study paints a picture of escalations in attacks supported by increasingly complex structures that intersect with the underground cybercrime economy referred to as the “Web of Profit.”

Among the findings were some disturbing trends that pointed to increased activity of hackers and/or hacker networks sponsored by nation-states:

  • 64% of the expert panel said 2020 presented a ‘worrying’ or ‘very worrying’ escalation in tensions, with 75% saying COVID-19 presented a ‘significant opportunity’ for nation states to exploit.
  • Supply-chain attacks saw a rise of 78% in 2019; between 2017 and 2020, there were over 27 distinct supply-chain attacks which could be associated with nation-state actors.
  • More than 40% of the incidents analyzed involved a cyberattack upon assets that had a physical, as well as a digital, component, for example, an attack on an energy plant.
  • Tactics used by nation-states to acquire COVID-19-related IP data appear to have been “road tested” by cybercriminals; the study noted that this is characteristic of the way nation-states have become beneficiaries of and contributors to the Web of Profit.
  • There is evidence that nation-states are “stockpiling” Zero-Day vulnerabilities uncovered around the globe, likely for use later on.

 

In conjunction with the results of this study, HP also released its latest, downloadable Quarterly Threat Insights Report, which highlights new techniques being used by cybercriminals to breach vulnerable endpoints such as servers, computers, MFPs/printers, and IoT devices. The report shows that almost 30% of the cyber threats captured by the HP threat team were previously unknown, as attackers increase their use of smokescreen techniques to evade detection tools. Moreover, it took an average of almost nine days for the new malware to become widely recognized by antivirus engines—giving hackers more than a week’s head start to further their campaigns. Other key findings of the Quarterly Threat Insights Report included the fact that 66% of attacks were driven by Trojans (like Dridex and Emotet). Worse, 88% of malware detected was delivered via email to user inboxes, often bypassing email gateway filters.

Our research and lab-based testing have shown that Internet-connected printers and MFPs can be an avenue for attack. This is especially true for sophisticated hackers with the time and resources to probe for devices with open ports that could allow them to traverse from the Internet to a corporate network. To help make sure your devices—or your customers’—are less vulnerable, check out our MFP Security Overview and Recommendations presentation in the InfoCenter.

Subscribers to our Office CompleteView Service can log in to InfoCenter to see all of our research and information about cybersecurity. Not a subscriber? No problem. Just send us an email at sales@keypointintelligence.com for more info.