EDITOR ’ S QUESTION

RICK MCELROY , PRINCIPAL CYBERSECURITY

STRATEGIST , VMWARE

It ’ s easy to forget that there ’ s a human being on the other end of the system who is working tirelessly to get visibility into the entire environment .

In January 2021 , we surveyed 180 security professionals from around the world and found that a significant majority ( 63 %) have witnessed incidents of counter incident response ( IR ) since the start of the pandemic . The top counter IR techniques include security tool disablement , DDoS attacks , security tooling bypass , destruction of logs , email monitoring and destructive attacks . This reflects the dangerous nature of today ’ s threat landscape . Attackers are becoming more sophisticated and more destructive .

In this same survey , two out of three security professionals reported being targeted by ransomware during the past year . A new technique that was most observed by security teams was double-extortion ransomware , where attackers exfiltrate sensitive information during a ransomware attack and use it for blackmail to ensure financial gain . For this reason , it ’ s safe to assume that today ’ s cybercriminals who are executing ransomware attacks have a second command and control post inside an organization ’ s infrastructure .

These changes in behavior underscore the importance of threat hunting . It ’ s easy to forget that there ’ s a human being on the other end of the system who is working tirelessly to get visibility into the entire environment . Security teams must know that it ’ s no longer a matter of if you ’ ll get attacked , but when . Adopt a proactive mindset and ensure you have a threat hunting program in place .

The pandemic provided the time , capital and opportunity for cybercrime to industrialize .

34 INTELLIGENTCIO APAC www . intelligentcio . com