By Jordan Smith, US Reporter, HCL Technologies Ltd.
By bypassing AWS’ automated security scanners, hackers are establishing a launching pad for further cyberattacks – often through building phishing pages through AWS.
According to a report from Avanan, a cloud security company, cybercriminals are building these pages within AWS – where little coding skill is needed – and then sending a link to the page in an email to bypass scanners and obtain users’ credentials. Email services that determine the safety of content within an email aren’t immune to these attacks as AWS will always be marked safe.
"With an easy way into the inbox, plus a low lift from end-users, this type of attack can be quite successful for hackers," the report states.
Guarding against attacks
To guard against these attacks, security professionals recommend:
Always hovering over links to see the URL destination prior to clicking it;
Encouraging end-users to ask IT if an email is legitimate; and
Always looking at the email’s content.
"A Dynamic Cybersecurity approach that looks at policies, process and technology as well as people and culture area key requirements in building a resilient posture,” said Renju Varghese, Fellow & Chief Architect, Cybersecurity & GRC Services, HCL Technologies earlier this year.
Integrating cybersecurity and zero trust approaches can help mitigate risks by building a culture of cybersecurity with people and stakeholders. Educating employees on how to detect phishing scams and stop a breach before it happens is critical.
For organizations in the US, President Biden has directed the Cybersecurity and Infrastructure Security Agency (CISA) to work with organizations across critical infrastructure to share information and mitigation guidance as part of the US’ Shields Up initiative. The administration has also urged private sector partners to “harden your cyber defenses immediately by implementing the best practices we have developed together over the last year.”
A recent report from Cisco Talos found that 20 percent of cyberattacks in the last quarter were due to commodity malware attacks. These types of attacks are based on programs readily available on the internet and can be used by anyone.
“Commodity malware is widely available to buy or download for free. It is typically not customized and is used by a variety of threat actors at different stages of their operations or to deliver additional threats,” Cisco Talos’ report said.
Other cyber threats from this year include distributed denial-of-service (DDoS) attacks and crypto jacking, which sees a cybercriminal holding an organization, country, or individual’s data hostage with data loss, disruption, and supply chain attacks.
David Fuhr, an IT security expert, listed five cybersecurity weaknesses and trends, including:
Attacks on supply chain;
Remote maintenance access; and
Shadow IT entity.
The primary cyber weakness involves hackers blackmailing employees with email and phone calls, which may be the result of hackers gaining access to employee systems through these attacks. According to Fuhr, gaps and loopholes in a company’s framework invite cyberattacks.
Partnerships key to defending against cyberthreats
To combat the creativity of hackers and the evolving threats emerging in the cyber security landscape, enterprises need to take a holistic approach to cybersecurity and partner with a trusted service provider.
HCL Technologies works hard to ensure that customers are kept safe and secure. Its Dynamic Cybersecurity Framework provides cyber defense capabilities to monitor, identify, investigate, respond, report, evaluate, and recommend actions in the wake of an attack, while helping to maintain responsive cybersecurity.
The Dynamic Cybersecurity Framework covers cloud, infrastructure and application security, Governance Risk & Compliance (GRC), data security and privacy, identity & access management, business continuity/disaster recovery, and security of things.