Emerging Threats, Unchanged Targets – Ensuring Your Users’ Identities’ Safety

AndyC 2 September 2024

Sep 02, 2024The Hacker NewsCybercrime / CISO Insights

Joint Statement by the FBI and CISA Regarding Contemporary Threats and Effective Measures Against Ransomware
Kindly note: A joint advisory by the FBI and CISA on August 29 under the aegis of t

Next-Generation Attacks, Same Targets - How to Protect Your Users' Identities

Sep 02, 2024The Hacker NewsCybercrime / CISO Insights

Next-Generation Attacks, Same Targets - How to Protect Your Users' Identities

Joint Statement by the FBI and CISA Regarding Contemporary Threats and Effective Measures Against Ransomware

Kindly note: A joint advisory by the FBI and CISA on August 29 under the aegis of their ongoing #StopRansomware initiative aims to assist entities in safeguarding against ransomware. The recent advisory, AA24-242A, delineates a novel cybercriminal faction with its modus operandi. It prescribes three pivotal steps for immediate action to diminish cyber threats from ransomware – Timely installation of updates, implementation of phishing-resistant MFA (such as non-SMS text-based), and educating users.

The surge in the count of ransomware assault victims and data breaches has reached such proportions that the fresh challenge in cyber defense is merely to stay abreast of the escalating number of new attacks and revelations from afflicted parties. This arises from remarkable advancements in cybercriminal assault methodologies coupled with tardy adaptability by numerous organizations to novel attack techniques. As anticipated, Innovative AI has truly revolutionized the landscape for cybercriminals targeting organizations, necessitating urgent tweaks to cyber defense strategies.

Amid this profound shift in threats, one constant factor remains: the ingrained human constraints of average users, rendering them the favored prey for cybercriminals. No matter how much training is imparted, the regular user will never possess the adeptness requisite for detecting sophisticated phishing campaigns or elaborate deep fakes.

To delve into the repercussions, Token decided to gather insights on this urgent topic from leading figures in cybersecurity in their own expressions. To achieve this, Token partnered with Datos Insights, a respected global advisory and data services agency, for this research initiative that unveils the perspectives and insights of prominent CISOs and MFA leaders in the workforce in the U.S. Datos Insights eschewed the overused multiple-choice survey methodology in favor of conducting qualitative 60-minute video interviews to delve deep into CISO views. In this article, we will scrutinize the valuable insights gleaned from the study.

Consensus Among CISOs: User Vulnerabilities Rank Highest in Risks

The vectors of attack are progressing in complexity through harnessing artificial intelligence proficiencies, particularly generative AI, rendering them more resilient against defenses by CISOs and their cohorts. Cybercriminals predominantly target staff at extensive enterprises through phishing campaigns to gain access to networks. CISA asserts that 90% of ransomware attacks stem from phishing.

Generative AI

Enhance your organization’s defense with inputs from industry stalwarts. Download the CISO Perspectives on Multifactor Authentication report to uncover how top CISOs are navigating the evolving landscape of identity and access management, and discern how you can implement cutting-edge MFA strategies to safeguard your team and bolster your defenses against emerging threats.

Advanced Phishing Attacks continue to be the most potent weapon in a hacker’s arsenal. These attacks have grown more targeted and intricate with the adoption of Gen AI. Gen AI facilitates the deployment of spear phishing assaults directed at specific individuals within an organization on a grand scale and with heightened precision, leveraging authentic data concerning the organization and its staff to appear genuine. The telltale signs of phishing emails are swiftly disappearing as these emails become increasingly indistinguishable from authentic communications. This trend will soon nullify the efficacy of user training.

This scenario is exacerbated by the ascent of Deepfake technology as Gen AI has birthed novel configurations of social engineering assaults. Cybercriminals are currently exploiting AI-generated voices and videos to impersonate executives and other trusted individuals. These are executed through phone calls from verified numbers that are spoofed by the malefactors and during Zoom video conferences where cybercriminals impersonate known and trusted colleagues. Attackers have achieved success in persuading employees to transfer funds, divulge credentials, and execute other actions jeopardizing security. These assaults capitalize on the innate trust employees repose in familiar voices and visages, rendering them exceptionally perilous.

The tools requisite for executing these assaults are now accessible to billions on the dark web, with no specialized competencies needed. Phishing and ransomware assaults, once the exclusive domain of adept cybercriminals, have now become accessible to any dark web user with the advent of generative AI and fresh cybercrime tools, rendering the perpetration of these assaults feasible for anyone possessing a computing device and internet connectivity. Ransomware-as-a-Service (RaaS) and AI-powered tools available on the dark web have simplified the process, obviating the necessity for advanced skills. This transition empowers individuals with minimal technical acumen to orchestrate sophisticated cyberattacks solely with a computer and internet access. The gig economy meets the new wave of cyber assaults.

Novel assaults necessitate updated defense strategies

Adoption of Phishing-Resistant MFA is indispensable, no longer a luxury. With phishing attacks reigning supreme as the foremost cyber menace for corporations, traditional MFA is increasingly proving inadequate, as the rising victim count attests. Many prevailing MFA solutions hail from antiquated technology. The ongoing report underscores the urgency of deploying phishing-resistant, next-gen MFA solutions, particularly in the face of AI-empowered phishing assaults. CISOs should hasten their implementationthe transition towards hardware-based MFA solutions, utilizing biometrics, and complying with FIDO standards. These measures significantly alleviate phishing and ransomware assaults and could have thwarted the vast majority of present-day ransomware attacks, ultimately saving organizations billions of dollars in losses within the past year.

Implementing next-generation MFA is most effective when strategically deployed for privileged users. The emphasis of the report lies in prioritizing the rollout of next-generation MFA to high-risk users in the corporate sector, particularly those in charge of systems and company executives. Despite having privileged access management (PAM) solutions, CISOs must enhance risk management for System Administrators. “PAM solutions have traditionally been the standard for CISOs in managing system admin risks.” The surge in phishing and insider attacks demands that CISOs prioritize the upgrading of MFA deployments to address this critical business risk. The report revealed that many firms’ senior executives lack robust security measures tailored to their business operations and risks. Surprisingly, almost no CISOs interviewed had specific controls in place for their executive users. With the prevalence of spear-phishing and similar tactics, this disparity is both unexpected and concerning.

Key Takeaway

The tactics employed by cybercriminals are evolving continuously, accelerating notably in the past twelve months. We have exceeded our users’ capacity to serve as the first line of cyber defense and have not equipped them with any innovative tools beyond those developed years or even decades ago. By remaining abreast of the latest threats and instituting a multi-layered defense approach that focuses on transitioning to phishing-resistant, next-generation MFA, organizations can safeguard their users’ identities and thwart cybercriminals from gaining illicit access to data and sensitive operations. Safeguarding users from emerging threats demands attentiveness, education, and the appropriate resources. By giving precedence to these aspects, organizations can considerably diminish the risk of a successful cyberattack and uphold the trust of their clientele and stakeholders.

Discover how Token’s Next-Gen MFA can prevent phishing and ransomware attacks on your organization by visiting tokenring.com

Liked this article? This piece is a contribution from one of our esteemed partners. Stay connected with us on Twitter and LinkedIn for more exclusive content updates.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

AndyC 20 December 2025
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

AndyC 20 December 2025
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

AndyC 20 December 2025
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

AndyC 20 December 2025
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

AndyC 20 December 2025
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

AndyC 19 December 2025

You may have missed

Surge of OAuth Device Code Phishing Attacks Targets M365 Accounts

Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says

AndyC 20 December 2025
Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

Russia-Linked Hackers Use Microsoft 365 Device Code Phishing for Account Takeovers

AndyC 20 December 2025

Microsoft 365 accounts targeted in wave of OAuth phishing attacks

AndyC 20 December 2025
State-linked and criminal hackers use device code phishing against M365 users

State-linked and criminal hackers use device code phishing against M365 users

AndyC 20 December 2025
Three ways teams can tackle Iran’s tangled web of state-sponsored espionage

Three ways teams can tackle Iran’s tangled web of state-sponsored espionage

AndyC 20 December 2025

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.