Software tools used to support employees in their day-to-day office administration tasks are reported to have accounted to 30% of Cyber Attacks in 2019 says a report released by Cybersecurity firm Kaspersky Global Emergency Response team
CIOs of companies should be extremely concerned with the newly released report statistics as the software meant to help them by easing their IT admin tasks is in fact doing more bad.
All these days, monitoring a network for cyber threats was being done in an automated way via software. But Kaspersky labs have detected that the hackers were using some vulnerabilities in such software to extract sensitive information, by passing various security controls aimed to detect threats, and that’s alarming.
“Sometimes, to stay anonymous in a corporate network, cyber criminals are using software that is usually developed to simplify admin tasks and system diagnostics”, said Konstantin Sapronov, the Head of global Emergency Response Team.
As the attacks are being carried out through legitimate tools, it is hard for security software to detect such malicious activity beforehand, resulting in detection, only after damage is done added Sapronov.
The only way to deal with the situation is to use reputed brands of logging and monitoring systems capable of detecting even the slightest of suspicious activity at an early stage.
Also, restricting the access to remote management tools from external IP addresses and enforcing strict password policies along with multi-factor authentication will make sense, says Sapronov.
Offering IT staff limited privileges and granting permissions who genuinely need them is also being recommended by Kaspersky.