Cybercrime never stands still. In January this year, four zero-day exploits were discovered in on-premises Microsoft Exchange Servers, giving attackers full access to user emails and passwords, administrator privileges and access to devices on the same network [1]. And on 12 March, Microsoft announced that “a new family of ransomware” had been deployed to the compromised servers that were left unpatched [2].

This just goes to show that cyber criminals are relentless in looking for vulnerabilities and new attack vectors. And they target organisations of all types and sizes. Right now, many organisations are finding their IT resources stretched thin due to competing priorities.

But security has to come first. Organisations have to be certain they are protected. Attacks are disruptive at best and devastating at worst. Remediating after an attack is far more time-consuming and expensive than preventing it. So, what dangers do businesses need protection from?

Threats are ever more complex and stealthy

At TruStack, we manage cyber security for customers across multiple sectors and we’ve seen how quickly the threat landscape is evolving. Without doubt, security is getting more complicated. Commonplace threats are still prevalent, but as the attack on Microsoft Exchange Servers shows, the first attack is often no longer the end of the story. Let’s take a look at the key trends that have emerged over 2020, as these indicate the threats we’ll be facing over the coming years.

Trend 1 – Trojans and droppers have a new role

Trojans and droppers remain popular with cyber criminals, but they’re now being used as new forms of malware delivery in multi-stage attacks.

Trend 2 – Orchestrated, multi-staged attacks are rising

Multi-stage, evasive cyber attacks are becoming standard. They use new methods to evade detection by antivirus software, hide data exfiltration actions and coordinate multi-staged manoeuvres through command-and-control (C2) infrastructure.

Trend 3 – Cryptomining invites trouble

It’s been argued that cryptomining isn’t an attack that businesses need to worry about. But in the context of software-based cryptomining, where mining software operates any time the machine is on, there is a much higher risk of damaging hardware, and it could leave a door open to other attacks.

Trend 4 – Propagating attacks through pandemic-related content

With millions of people desperate for information, malicious actors set up countless sites to phish for credentials and drop malware, often mimicking content from official bodies.

“Will it happen to me?”

The answer is likely to be “yes”. Data from thousands of Cisco customers shows just how prevalent threats are. In the first nine months of 2020, 91% of customers saw a domain linked to malware. 85% saw a domain linked to phishing. 68% saw a domain linked to cryptomining. 63% saw a domain linked to trojans.

It’s clear that cyber security is growing more challenging all the time. And we’re definitely past the point of simply increasing the headcount to fight off multiplying threats. To effectively defend businesses against cyber criminals, you need a security solution that uses the full power of technology to deliver market-leading protection.

Cisco Umbrella – protection everywhere

One solution that’s up to the challenge of today’s threat landscape is Cisco Umbrella. At TruStack, we’ve had a lot of experience in bringing this cloud solution to customers small and large, giving them the reassurance that they are comprehensively protected. There’s so much to recommend Cisco Umbrella. It’s designed to combat sophisticated threats, detecting and blocking them before a full attack is launched. It protects your entire workforce, no matter where they are. It also sweeps away multiple security tools, so IT teams no longer waste time, energy and resources checking different systems.

How does it work?

Cisco Umbrella protects users everywhere with DNS‑layer security and interactive threat intelligence. It combines multiple security functions into one solution, so you can extend protection to devices, remote users and distributed locations anywhere. It enables secure access to the internet and cloud apps, empowering your employees to work anywhere, maintaining productivity while minimizing risk.

For IT teams, it helps to improve security visibility, detect compromised systems and protect users on and off the network by stopping threats over any port or protocol before they reach your network or endpoints. In addition to DNS-layer security, Cisco Umbrella now includes secure web gateway, firewall, and cloud access security broker (CASB) functionality, plus integration with Cisco SD-WAN, delivered from a single cloud security service.

Protecting against 7+ million malicious domains

Cisco Umbrella is effective because it leverages data from Cisco Talos, one of the largest commercial threat intelligence teams in the world. Umbrella uncovers and blocks a broad spectrum of malicious domains, IPs, URLs, and files being used in attacks, and discovers 60,000 new malicious domains every day. This is why Cisco’s threat protection is trusted by the largest businesses in the world, but it’s also affordable for any size of business.

Partner with TruStack to get Umbrella for your business

We’re experts at deploying and managing Cisco Umbrella. How you work with us is up to you. We can help you get up and running fast, then let your team take over. However, many of our customers prefer us to provide Cisco Umbrella as a managed service. It means you have the reassurance of our team of security experts overseeing your network. This also gives your in-house IT team more time to handle other projects. There are three packages available, and we can help you choose the one that’s right for your business.

To find out more about Cisco Umbrella, get in touch with us.


SOURCES

[1] https://en.wikipedia.org/wiki/2021_Microsoft_Exchange_Server_data_breach

[2] https://rcpmag.com/blogs/scott-bekker/2021/03/ransomware-exchange-vulnerabilities.aspx