RSA Conference 2019 addressed the most dangerous attack techniques facing organizations and individuals today. There are two specific attack vectors that are increasing. First is the manipulation of the DNS infrastructure associated with specific enterprises. Hackers are using credentials that they have compromised in the normal course of business. Bad guys are logging into DNS and name registrars and manipulating the DNS records there. Emails destined for your organizations are actually being redirected to them.
The second attack vector is domain fronting, a technique that obscures where the attacker is located. However, that’s just the start, he said, as many of these attackers are disappearing into the cloud and acting as a trusted cloud provider.
Heather Mahalik, revealed how easily anyone can be targeted in individualized attacks. If someone wants to get your information, it can be easily tracked in the cloud. “The lazier we get as humans, the better the glimpse into our lives for everyone else.” Information that is in one cloud is being shared in other clouds, making it available to bad guys who want it.
Johannes Ullrich, returned to the DNS problem; it is an issue of privacy versus security. If a bad guy intercepts your traffic, they know a lot about you, so you want to go to something more private. HTTPS seems like the optimum solution, but HTTPS makes it more difficult for security staff to monitor logs that would otherwise find anomalies in the traffic.
There has been a rise in CPU flaws. Hackers are taking advantage of the flaws in these features to attack your system.
The solution? There needs to be an increase in the use of MFA to make it more difficult for outsiders to gain access to your networks, your clouds, your servers or your private information.