
Eight crucial security issues from VMware’s annual cybersecurity report




A few days ago, VMware released the “2022 Global Security Incident Threat Response Report”.

Drawing on a survey of 125 enterprise network security incident response experts, combined with an analysis of actual security response incidents in enterprises, the report discusses current trends in network security.

Here are the eight security issues of the report:


1. APIs have become an important attack vector

The report found that attackers are making extensive use of APIs and carrying out attacks through methods such as SQL injection.

Enterprise organizations need to start discovering and cataloguing their exposed assets as soon as possible, uninstall any unnecessary software, minimize the attack surface, and continuously monitor its security status, so as to reduce the chance of success of API attacks as much as possible.


2. Rapid growth of deepfake attacks

Deepfakes come in many different forms, often referring to AI-generated videos that look like the real thing. Deepfake videos sometimes serve as the basis for online extortion scams. For the purposes of this report, deepfakes are messages (mostly email messages) that are crafted to mimic legitimate people.

The messages can even mimic the sender’s writing style. One of the best ways organizations can deal with deepfakes is to educate their employees and get them used to questioning any message that seems unreasonable. Strict message filtering can also help thwart deepfakes.


3. More lateral movement occurs

The report’s research found that attackers are increasingly using lateral movement to steal sensitive resources.

Lateral movement was present in 25 percent of attacks, VMware security researchers said.

This lateral movement often exploits an organization’s lack of visibility into cloud platform applications, as well as vulnerabilities in management tools and legitimate software.

The most effective response an organization can take to this type of attack is to improve overall visibility. After all, what cannot be monitored cannot be protected.


4. Zero-day vulnerabilities increased by 11% year-on-year

Zero-day vulnerabilities can be a huge security threat for any business organization because they cannot be predicted.

The increasing frequency of these types of attacks means greater cybersecurity challenges.

The most important thing to remember about zero-day attacks is that an attacker needs to gain the necessary permissions for a successful attack.

Therefore, enterprise organizations must pay more attention to protecting user accounts and access rights, which can effectively prevent many potential advanced attacks.


5. The ransomware attack situation is severe

Ransomware has been the top threat facing businesses for years, so it’s no surprise that VMware’s report put it on the radar.

Report data shows that nearly 60% of respondents have been attacked by ransomware in the past 12 months.

Organizations can respond to ransomware attacks by enhancing end-user security awareness education and adopting a zero-trust approach, especially when it comes to user permissions.

While minimizing user privileges cannot completely prevent ransomware attacks, it can limit the scope and damage that ransomware can cause.


6. Geopolitical conflicts lead to an increase in cyber attacks

Data from the report shows that the number of cyberattacks has also increased since the outbreak of the conflict in the Russia-Ukraine region.

The big takeaway here is that cybersecurity is becoming an important part of national security.

Therefore, IT professionals should be fully aware of and prepare for the impact such incidents may have on their cybersecurity efforts.


7. Burnout among security personnel is still evident

IT burnout is a real and serious phenomenon.

The report found that 70% of security staff who experience symptoms of IT burnout have considered leaving.

Organizations must take security staff burnout seriously, as the resignation of key employees can leave the organization in a position where security capabilities are lacking.

While IT workers generally work very hard, organizations must pay attention to the realities of employee burnout and prepare for the possible consequences in advance.


8. Security teams (experts) have started to fight back

According to the report’s data, 87% of respondents said they have begun to respond more actively to cybercriminals’ attacks.

In the past, it has been nearly impossible to quickly block advanced cyberattacks without taking extreme measures such as cutting off network connections.

However, this report found that many enterprises have begun to use new-generation technologies such as virtual patching to actively respond to sudden security incidents.

Virtual patching refers to the use of a web application firewall or similar tool to disrupt an attacker’s network path, thereby fixing a security hole.
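
The virtual patching idea described above, applied to the API injection risk from item 1, as an added example that is not from the VMware report or the original article: a WSGI filter that enforces a strict format on one parameter of an endpoint whose backend has not yet been fixed. The endpoint `/api/v1/orders`, the `id` parameter and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs

# Hypothetical virtual-patch rules: (method, path) -> {param: allowed format}.
# Endpoint and parameter names are assumptions, not taken from the report.
VIRTUAL_PATCHES = {
    ("GET", "/api/v1/orders"): {"id": re.compile(r"[0-9]{1,10}")},
}


def check_request(method, path, query_string):
    """Return (allowed, reason) for one request against the patch rules."""
    rules = VIRTUAL_PATCHES.get((method.upper(), path))
    if rules is None:
        return True, "no virtual patch for this endpoint"
    params = parse_qs(query_string, keep_blank_values=True)
    for name, pattern in rules.items():
        values = params.get(name, [])
        # Repeated or missing parameters are rejected so the filter and the
        # backend can never disagree about which value is used.
        if len(values) != 1:
            return False, f"{name}: expected exactly one value"
        if not pattern.fullmatch(values[0]):
            return False, f"{name}: value outside allowed format"
    return True, "ok"


class VirtualPatchMiddleware:
    """WSGI wrapper that rejects non-conforming requests before the app runs."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        allowed, _reason = check_request(
            environ.get("REQUEST_METHOD", "GET"),
            environ.get("PATH_INFO", ""),
            environ.get("QUERY_STRING", ""),
        )
        if not allowed:
            # Record _reason in server-side logs; keep the response generic.
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"request blocked\n"]
        return self.app(environ, start_response)


def demo_app(environ, start_response):
    # Stand-in for the unpatched backend (constructed for this example).
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"order data\n"]
```

The rule is an allowlist on the expected format rather than a blocklist of known bad strings, so it does not depend on recognising any particular payload. It narrows exposure until the underlying code is corrected.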