At any point of the digital transition,…
On April 13, 2021, Kevin Mitnick, a “legendary hacker” and “the guy once most hated by the FBI (Federal Bureau of Investigation),” was interviewed online. Mr. Mitnick is the Chief Hacking Officer (CHO) of KnowBe4 (KnowBe4), a company that specializes in organizational security training. “As the global pandemic of the latest coronavirus progresses, the attacks will become even more pronounced in 2021.” “It’s obvious that corporations and organisations all over the world are dropping their guard against cyberattacks as people operate from home, which is less accessible than offices,” Mitnick warns.
In the meantime, new forms of threats emerge one after the other. For eg, a group in the United States has been experimenting with modifying the destination of text messages received on cell phones in the last few weeks. When using two-step authentication, the code is often obtained from the cell phone’s text message feature. The code is stolen by the assailant. Nonetheless, “This isn’t a true attack; it’s a virtual one. The defense environment, on the other hand, is so diverse that it is no exaggeration to conclude that the styles of threats and attackers shift on a weekly basis.” (From Mitnick)
With an 85 percent performance rate, breaking into a business network The “looseness” of the defenders is also stated by Mitnick. In certain instances, the organization has not correctly configured the device and terminals, making it vulnerable to intrusion from any location.
It’s also possible to unleash a “password spray attack” on an employee’s email address. It’s a technique for attempting to log into several workers with the same password. Many businesses have implemented a system that locks an account if it is used incorrectly several times. You’ll get a matching account if you try a standard password for all employees’ accounts, such as “welcome 2021.” “According to our penetration assessments,” Mitnick said, “we can crack into corporate networks with an 85 percent success rate.”
Mitnick stated, “Threats should be closely monitored.” To set alerting conditions, log them and send them to SIEM (Security Information and Event Management). In some situations, the organization lacks the resources to track the logs, which means that even though it is attacked, it will go unnoticed. “There are threats in all markets as long as you have an internet connection,” he warns.
Mitnick said, “Threats should be carefully watched.” To set alerting conditions, log them and send them to SIEM (Security Information and Event Management). In some situations, the organization lacks the resources to track the logs, which means that even though it is attacked, it will go unnoticed. “There are threats in all markets as long as you have an internet connection,” he warns.