Welcome to the era of “mega-hacks”

You may not realize the fact that we live in the age of super hacks.

You may not realize the fact that we live in an era of mega-hacks – a time when records for the scale of cyberattack campaigns are constantly being broken. fast.

More than ever, minor to serious software bugs are being exploited by highly skilled cybercriminals backed by abundant resources – fully utilized to create attacks that penetrate computer systems. of thousands of organizations and businesses, no matter how big or small. It all happened at the same time, in sync, with the damage hard to measure.

“Say there is a book, tell a witness”, newly discovered vulnerabilities in Microsoft’s Exchange Server have shown an impossible example of the mega-hacking trend that is taking over our internet world. The Exchange Server vulnerabilities have been thoroughly and sophisticatedly exploited by highly skilled hackers (most likely backed by an abundance of resources) to deploy an extremely large-scale network attack chain. . In this case, tens of thousands of large and small networks appear to have been compromised in a well-deployed large-scale attack campaign.

Vulnerabilities exist wherever software is available, despite the tireless efforts of developers to remove them, it’s simply a matter of course. The only problem is whether the vulnerability is found or not, and who finds it – software developers or hackers. It is a sad reality that we are witnessing at the present time that the cybercriminals have somewhat dominated in their ability to find vulnerabilities compared to security experts, as well as their considerable effort. in turning these vulnerabilities into damaging attacks.

The cross-platform trend in the software world leads to the fact that more and more organizations are using the same software tools and applications. Some are not even aware of the software code they are relying on. That’s how today’s world is connected through software. This offers greater convenience, but can also lead to cybersecurity disasters. For example, a system management software is used by 1000 businesses, when this software contains vulnerabilities, the other 1000 businesses can also completely become victims of hackers.

What is more remarkable is the lack of initiative of enterprises themselves in ensuring the safety of their systems. Even when they know there is a problem with the software they are using, many companies are still very slow to apply the latest updates to that software, despite being warned by the software vendors about it. existence of vulnerabilities.

On the other side of the battlefield, hacker groups carry many different malicious motives. There are groups of state-backed hackers who want to gain access to as many systems as possible before determining which is of strategic value (source of intelligence or as a springboard to infiltrate other systems). ). There are also cybercriminals who want to break into a certain target to steal data or use ransomware to make money. Either way, threat actors are now quite sophisticated enough to “sniff” and abuse vulnerabilities faster than ever before.

A software vulnerability not only affects one company, but can also put thousands, even tens of thousands of other companies at risk as groups of hackers “race” to exploit it, infiltrating as many as possible. system as possible before a fix is ​​found and applied. Some companies used to think that they were too small to be the target of hackers, but this is a naive and downright wrong idea. Besides, thinking that cutting and optimizing costs by not patching software is also a “fatal” mistake.

So what can organizations and businesses do and should do? Deploying projects that fix bugs in everything – starting with the basic programming language and code (usually open source) that underpin software applications – is a good place to start. Promoting secure code as a standard is a must. Companies must also understand that legacy systems may contain vulnerabilities and that patching is not optional but required. In the long term, the ransomware threat must be addressed and better international rules on state-backed hacking apply. Both are not easy problems to solve.

(According to Network Administrator)