Intelligent CISO Issue 75 | Page 73


of cybercriminals are evolving. Firstly, financial institutions don’t just attract standard hackers – their CNI status marks them as likely targets for nation-state cyberattacks, which often have more time, resources, and far more skilled actors with which to find and exploit blind spots.
Earlier this year, the NCSC issued a warning about one such sophisticated tactic: living off the land attacks. These cloud-borne cyberattacks focus on lateral or ‘east-west’ movement, using defensive weak spots to gain access to vulnerable cloud hosts before moving internally from host to host to find a safe dwelling spot.

With new startups often making extensive use of modern cloud infrastructure and SaaS providers such as Mambu, they benefitted from efficiency and scalability.
Hidden within the organisation’s network, these actors can then bide their time and plan their attack before they act, detecting the most sensitive data stores, analysing the networks for intelligence, and covering their tracks. As hybrid cloud environments grow more sophisticated, financial institutions’ workloads and data become more widely spread across the network. Without full visibility and robust security monitoring, the newfound complexity only breeds more potential blind spots for attackers to hide in.
Securing these landscapes with the right tool strategy is essential, and this must evolve in line with changing IT infrastructure. Financial institutions’ existing security tools, engineered and employed for on-premise environments, rely heavily on data from logs, traces and event files – a fact that living-off-the-land attacks take for granted. The reality is that logs are ‘mutable’, meaning bad
Mark Jow, EMEA Technical Evangelist, Gigamon