Pulsar Cyber Trends Feb 2023

Since the last report there have been interesting developments in the world of cyber security. The first topic shows a massive cyber-attack that was thwarted by Cloudflare. Also highlighted are the NSA’s best practices for keeping homes secure from cyber-attacks. Finally, reports show that threat actors are executing ransomware attacks faster than ever before.

Cloudflare, a service used to secure web servers, has recently blocked the largest distributed denial-of-service (DDoS) attack ever seen. DDoS attacks aim to crash websites by sending a web server too many requests to handle, resulting in the website being unavailable to legitimate users. Cloudflare stated that they detected and mitigated multiple waves of hyper-volumetric DDoS attacks targeting their customers. The largest wave of these attacks sent over 71 million requests per second, with most of the waves averaging 50 to 70 million requests per second. The attacks were launched from over 30 thousand separate IP addresses from several different cloud providers. DDoS attacks are becoming much more frequent, seeing an increase of 79 percent year-over-year. DDoS attacks are also seeing an increase in duration, with the number of attacks lasting more than three hours increasing by 87 percent quarter-over-quarter.

The U.S. National Security Agency (NSA) has published a guide with information to help remote workers keep their home networks secure and defend their devices from cyber-attacks. The guide contains a long list of recommendations with the most impactful ones being highlighted. The most important factor in keeping home devices and networks safe is to keep all software and devices up to date. Enabling automatic updates for everything that allows it is the best way to accomplish this, but regularly checking for updates is also recommended. To help keep a home network secure, make sure the router uses WPA3 or at least WPA2 for the security protocol. A good habit for keeping home computers, routers, smartphones, and other smart devices free of non-persistent malware is to schedule weekly reboots. To prevent threat actors from spying, it is recommended to always keep cameras covered and microphones muted when they are not in use.

IBM recently released their X-Force Threat Intelligence Index which states the average time ransomware attacks take to compromise a system is getting shorter and shorter. Ransomware attacks have maintained their popularity in 2022, accounting for about 17 percent of all cyber- attacks. The most notable change in ransomware campaigns in 2022 has been the duration of the attack from deployment to execution. Campaigns have accelerated from a time frame of two months down to just under four days. The main threat vector remained the same as recent years as email phishing, which emphasizes the importance of employee training and awareness.