Security Attacks Landscape

OBRELA Security Industries have launched the 2022 Digital Universe Study, exploring the security landscape over this period for the full marketplace ranging from industry specific to threat specific attacks. This is the regular update available to customers and partners demonstrating the evolving cybersecurity attacks of the wider threat landscape, globally.

Below are some interesting highlights, which provide an overview of real-time visibility data.

By the Numbers

The Annual Digital Universe Report is produced by Obrela’s collation of:

• 9 PB of logs collected and analyzed
• 100,000 Devices monitored
• 21,000 cyber incidents detected
• 11’ response time

The Attack Landscape: Geographies, methods, industries, and best practices

Through the data analysis provided by the Obrela team the most significant attack vectors and activity are presented. Key trends compared to 2021 include:

• 31% of significant APT, Malware, and malicious insider attacks in South-Eastern Europe when compared with Western Europe, the Middle East and Asia.
• Most attacks (42%) falling into the ‘Inadvertent Actors and Malicious insiders’ category. Other types of attacks apart from the aforementioned include System/Perimeter Breaches (11%), External (web) attackers (10%), and Email Attackers (Fraud and phishing) making up the final 6%.
• Of these attacks, the most common associated alert received by Obrela was around ‘Security Group Modification’, which made up 30% of the associated alerts. Following on from this, the alerts were for ‘possible infection’ (19%) and ‘Suspicious Login by Admin (17%) including Phishing attacks (5%)
• When breaking down the results by sector, we see different industries being attacked at different points. For example:
  • Over 40% of attacks are affecting Banking and Finance
  • Around 25% Government organizations
  • 67% of attacks on IT infrastructure affect the Energy sector
  • Banking sector shows a decrease of attacks in the cloud whilst Government had an increase
  • In reference to endpoints this is highly affecting Health and Energy.
  • Brand attacks mostly affect the Energy and Health sectors demonstrating an increase to last year.
  • Last but not least, Operational technology security attacks have received the highest percentage in the wider FMCG industry as well as Oil & Gas followed by construction and shipping when compared to last year.
• In addition to the categories of threats outlined, we have also seen new and re-emerging incidents in 2022, including:
  • Domain Impersonation: A technique deployed by phishers, who will create fake domain infrastructure (websites and email addresses) which aim to impersonate a known, recognized brand name in order to trick individuals are businesses to provide sensitive data.
  • Apath traversal (Or internal directory busting attack) aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash (…/)” sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files.
  • EternalBlue exploitation: A self-propagating malware that allows threat actors to perform RCE (Remote Code Execution) and gain access to a network via specially crafted packets. The fact it can self-propagate across networks shows how dangerous it can be, as demonstrated by its use in the WannaCry

Download the full report to get all the latest insights.