Weaponization Of Previously Stolen Data
A lot of user and organization data had already been stolen in previous breaches and is now being weaponized against them in subsequent attacks, said Barracuda Chief Technology Officer Fleming Shi. Adversaries leverage the personally identifiable information they’ve already taken to obtain a user’s credentials and password, and then target the SaaS applications where these people are logging in.
Adversaries are particularly focused on identifying ways to get into the infrastructure behind whatever is running a company’s web applications, according to Shi. Hackers are particularly well-positioned to inflict damage if they’re able to get into a company’s VPN since that provides access to a lot of the business’ internal systems, Shi said.
Hackers can gain access to reputable brands and hijack their networks and systems to carry out attacks by getting into their supply chain or build process and manipulating software updates that are applied automatically, Shi said. Specifically, Shi said adversaries that get into a victim’s infrastructure and change payloads during the update process can inflict damage without needing the end user to take action.