Investors are pumping millions of dollars into encryption as unease about data security drives a rising need for ways to keep unwanted eyes away from personal and corporate information — © AFP
A recent U.S. FBI advisory warning has been issued to investors. The warning indicates that cybercriminals are increasingly exploiting security vulnerabilities in Decentralized Finance (DeFi) platforms to steal cryptocurrency.
Looking into the background of the warning for Digital Journal is Surja Chatterjea, Head, Product and Alliances at Skybox Security.
Chatterjea explains why the U.S. government has been keen to issue the warning and what the implications are: “The FBI issued a warning noting that threat actors are targeting known common vulnerabilities and exposures (CVEs) of in Decentralized Finance platforms to steal cryptocurrency.”
There have been several government led warnings about cybersecurity issues in recent months. Chatterjea says: This is the latest urgent reminder that cybercriminals are increasingly targeting known vulnerabilities hiding in plain sight and turning them into backdoors to deploy complex attacks that are increasing at record rates. If organizations are relying on conventional approaches to vulnerability management, they may only move to patch the highest severity vulnerabilities first based on the Common Vulnerability Scoring System (CVSS).”
The reason is because many companies follow a similar path for developing their control systems. Here Chatterjea points out: “Cybercriminals know this is how many companies handle their cybersecurity, so they’ve learned to take advantage of vulnerabilities seen as less critical to carry out their attacks. Skybox Research Lab recently found that new cryptojacking programs were up 75 percent year over year.”
Cryptojacking is the unauthorized use of someone else’s compute resources to mine cryptocurrency.
Despite the risk, there are things that can be done. Chatterjea explains: “To stay ahead of cybercriminals, companies need to address vulnerability exposure risks before hackers attack them. That means taking a more proactive approach to vulnerability management by learning to identify and prioritize exposed vulnerabilities across the entire threat landscape. Proactive approaches to vulnerability management can significantly reduce time and resources spent by threat hunting teams in reactive enterprise-wide searches for indicators of compromise (IoCs) and indicators of attack (IoAs).”
Chatterjea further recommends: “A mature risk management program explicitly links vulnerabilities with their associated malware names and types (Cryptocurrency Miner for example) to improve MTTD/MTTR and drive down breach risk across the enterprise. Organizations should ensure they have solutions in place capable of quantifying the business impact of cyber risks into economic impact. This will help them identify and prioritize the most critical threats based on the size of financial impact, among other risk analyses such as exposure-based risk scores.”
Chatterjea’s final words of advice are: “It’s essential for organizations to increase the maturity of their vulnerability management programs to ensure they can quickly discover if they are impacted by vulnerabilities and how urgent it is to remediate.”