• XRATOR
  • Contact Us
  • Privacy & Policy
Conquer your risk
  • Home
  • Articles
  • News
  • Research
  • State of the art
No Result
View All Result
  • Home
  • Articles
  • News
  • Research
  • State of the art
No Result
View All Result
Conquer your risk
No Result
View All Result
Home Cybercrime

ENISA warns of growing cybersecurity threat caused by the geopolitics context

The global cyber domain has been affected by geopolitical situations particularly the Russian invasion of Ukraine.

Gert Van de VenbyGert Van de Ven
December 2, 2022
in Cyber Attacks, Cybercrime, News, Threat Intelligence, Vulnerability & Weakness
2
ENISA warns of growing cybersecurity threat caused by the geopolitics context

The European Union Agency for Cybersecurity (ENISA) published a report revealing that cyberwarfare, hacktivism, and malicious cyberattacks have transformed the geopolitical climate. The Russian invasion of Ukraine has had a significant impact on the global cyber sector over the past decade. They detected a rise in cyberthreats, as well as an increase in the variety of vectors, including zero-day exploits and AI-based disinformation and deepfakes. As a result, more extensive and damaging attacks are now common.

Geopolitics impacts the ransomware landscape

According to Enisa, the Ukrainian crisis has redefined the boundaries of cyberwarfare and hacktivism, whether it be private firms or unknown groups. Geopolitically motivated cyberattacks may increase, posing a risk of collateral damage. Ransomware is still one of the most harmful forms of malware, but there has been an increase in denial-of-service attacks. Denial-of-service attacks are becoming more complicated, and they have become more frequent in Ukraine and the Internet of Things. Although denial-of-service attacks can be used to extort money, they are simpler to execute than ransomware.

Zero-days vulnerabilities

In addition to an increase in the quantity of 0-day exploits, ENISA also sees a rise in the number of malware attacks exploiting such flaws. This may be a manifestation of attackers becoming more professional or a sign that more mature security levels are forcing them to strike harder. According to them, the most exploited vulnerabilities in cyber attacks were ProxyLogon, ProxyShell, PrintNightmare, and Log4Shell. Phishing was the most common intrusion vector, despite its low cost. It involves remote access via the Remote Desktop Protocol, which is simple for attackers to execute. It is also evolving with new variants that target specific individuals or declining to SMS or phone calls.

According to the agency, malicious hackers are purchasing a lot on black markets to obtain unauthorized access to organizations’ networks. They are also expected to exploit new vulnerabilities in 2022. They will target the Internet of Things, VPNs, and cloud infrastructure, in addition to continuing to exploit opportunities presented by newly discovered vulnerabilities.

AI-based disinformation

The prevalence of disinformation and misinformation campaigns has risen in recent years, primarily because of the rise in social media and online media. Digital platforms have become the norm for news and information. People now get their information from social media sites, news and media outlets, even search engines. Because these sites attract users and drive traffic, information that gets the most eyeballs is typically the one that is promoted, particularly if it hasn’t been verified.

The conflict between Russia and Ukraine has demonstrated new ways to exploit this danger, influencing people’s perceptions of the war’s status and the responsibilities of the parties involved. There are various motivations behind the difference between incorrect and purposely falsified details. To put up with the definitions of misinformation and disinformation is where this comes in.

Deepfakes

For decades, political leaders have artificially generated or distributed altered or decontextualized content. Recently, deepfakes have offered malicious actors with simple and efficient tools for generating fake content that appears authentic (audio, video, images, and text).

Deepfakes have become an important tool in the hands of AI-enabled disinformation, allowing for Vladimir Putin and Volodymyr Zelenskyy to be portrayed in supporting messages of the adversary’s views. Despite being fabricated, these videos still spread online.

Attacks on the supply chain

A supply chain attack targets the connection between suppliers and organizations. It is defined as a combination of two assaults or more in the supply chain. In order to qualify as a supply chain assault, both the supplier and buyer must be targeted. Supply chain assaults have the potential to cause serious damage. They were brought in public light with the SolarWinds case and demonstrated the potential for such assaults. It appears that threat actors are still exploiting this technique in order to infiltrate organizations and exploit their widespread potential victim population.

Cybercriminals are becoming more interested and skilled in supply chain attacks. Supply chain assaults are primarily associated with state-backed actors, but cybercriminals have become more interested and skilled in this approach as an assault vector during the reporting period. During the reporting period, supply chain assaults have been increasingly connected with ransomware campaigns, allowing the threat actors to enlarge the extent of their operations by compromising a single supply chain initially. Supply chain assaults normally lead to ransomware deployment, coin mining, stealing cryptocurrency, or stealing credentials that cybercriminals may utilize in their malicious actions.

 

 

 

 

Tags: Artificial IntelligenceCyberespionageDeepfakeDisinformationGeopoliticsHuman & SocietiesInfluence operationransomwareSupply ChainWarfareZero Day

Categories

  • Cybercrime
  • Malware
  • Vulnerability & Weakness
  • Threat Intelligence
  • Cyber Attacks
  • Cybersecurity
  • Offensive Security
  • Risk Management
  • Cyberdefense
  • Cyber Insurance

Popular News

  • Cybercriminals regularly hack into individual and organization network. They may steal password to sell them on the darkweb.

    4 websites to check if your password is in the darkweb

    0 shares
    Share 0 Tweet 0
  • 10 Essential Tools for IoT Pentesting

    0 shares
    Share 0 Tweet 0
  • Threat Modeling : from Software Security to Cyber Risk Management

    0 shares
    Share 0 Tweet 0
  • 8 TV Shows and Movies about Personal Data Abuse

    0 shares
    Share 0 Tweet 0
  • The Code Knight: Mastering the Craft of Defensive Programming

    0 shares
    Share 0 Tweet 0

"Conquer Your Risk" is a corporate blog for Cybersecurity and Risk Management executives and specialists, sharing XRATOR experts' views on Cybersecurity, Threat Intelligence, Risk Management and Cyber Insurance.

Categories

  • Articles
  • Cyber Attacks
  • Cyber Insurance
  • Cybercrime
  • Cyberdefense
  • Cybersecurity
  • Malware
  • News
  • Offensive Security
  • Research
  • Risk Management
  • Scams
  • State of the art
  • Threat Intelligence
  • Uncategorized
  • Vulnerability & Weakness

Quick Links

  • XRATOR
  • Our Experts
  • Privacy Policy
  • Contact Us

XRATOR® – copyright 2020-2021

No Result
View All Result
  • Contact Us
  • Homepages

© 2018 JNews by Jegtheme.

Manage Cookie Consent
We use cookies to optimize our website and our service.
By closing this windows, you automatically deny non-functionals cookies.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Preferences
{title} {title} {title}
Manage Cookie Consent
We use cookies to optimize our website and our service.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Preferences
{title} {title} {title}