[ad_1]
VMware has recently published, in conjunction with the conference dedicated to cybersecurity Black Hat USA 2022, its eighth annual report on the state of cybersecurity, the Global Incident Response Threat Report.
Highlights include the growing use of deepfake in attack campaigns and the growth of attacks on APIs, considered the next frontier for cybercrime. To complicate the scenario the overwork of the security teams, which suffer heavily from stress.
Cybercriminals evolve – use of deepfakes grows
Artificial intelligence has made great strides in recent months, and today the software to generate text, images and videos entirely on the computer are very advanced. So much so that creating a deepfake is relatively simple now, and cybercriminals have realized it.
The VMware report highlights how the deepfake technique is increasingly used, for example to impersonate the CEO or some other manager and convince employees to make bank transfers. According to VMware, this attack mode has grown by 13%, and two out of three people in the reference sample (66%) claim to have witnessed an attempted breach of this type.
“To evade security controls, cybercriminals are now introducing deepfakes into their attack methods.“, he has declared Rick McElroy, VMware principal cybersecurity strategist. “According to our report, two out of three respondents found malicious deepfakes being used as part of an attack, up 13% from last year with email being the most common method of transmission. Cybercriminals today are no longer limited to using manipulated video and audio in disinformation campaigns or influence operations. Their new goal is to leverage deepfake technology to gain access and compromise organizations“.
Another very interesting fact is that practically one in four attacks (23%) target Application Programming Interfaces (APIs)and according to the multinational this trend is destined to grow.
The problem of security team burnout
We talk about burnout when you work too much for prolonged periods, which can lead to tiredness, demotivation, distraction. To blame the most for these problems are the security teams, who have great responsibilities and every day are called to keep up with a very high number of alarms and verify that nothing has been compromised and that the infrastructure is safe.
This is not new: this problem has been highlighted for some years. Compared to last year, the percentages of those who claimed to have suffered from burnout have dropped by some measure, but this is not enough to reassure. More than half of the security experts (57%) said they had experienced very high levels of stress in the past 12 months. 69% of these suffered so much that they considered leaving their jobs. However, there is a positive fact: companies are realizing the problem and in two out of three cases they have activated wellness programs to reduce the risk of Burnout.
“To defend against the progressive extension of the attack surface, security teams need an adequate level of visibility into workloads, devices, users and networks to detect, protect and respond to cyber threats. “he has declared Chad Skipper, VMware global security technologist. “If security teams make decisions based on incomplete and inaccurate data, their ability to implement a granular security strategy is also inhibited, and their efforts to detect and block side attacks are hampered by the limited context of their systems.“.
.
[ad_2]
Source link
