A VMware report has found that deepfakes, burnout and ransomware attacks from dark web groups are threatening organisations’ security in 2022.
Cybercriminals are increasingly using emerging technologies such as deepfakes to attack and infiltrate victim organisations, a new report has found.
According to the Global Incident Response Threat Report released by cloud services giant VMware today (8 August), two in three respondents saw malicious deepfakes being used as part of cyberattacks. This marks a 13pc increase from 2021, VMware noted.
Delivered mostly through email, the deepfakes are used to compromise the security of victim organisations and get past their safeguards.
“Cybercriminals have evolved beyond using synthetic video and audio simply for influence operations or disinformation campaigns. Their new goal is to use deepfake technology to compromise organisations and gain access to their environment,” said Rick McElroy, principal cybersecurity strategist at VMware.
Launched globally as part of the Black Hat 2022 cybersecurity conference in Las Vegas, the report details all the challenges faced by organisations’ security teams around the world amid pandemic disruptions, burnout and threats stemming from geopolitical instability.
Nearly two-thirds of respondents stated that cyberattacks have increased since Russia invaded Ukraine.
Russia ramped-up cyberattack campaigns soon after the invasion in late February. A Microsoft report in June found that Russian cyberattacks have grown since the start of the invasion of Ukraine, with attacks aimed at the US, Baltic countries and NATO countries.
The report also highlighted burnout as a critical issue among security teams. 47pc of respondents said they experienced burnout or extreme stress in the past 12 months, down slightly from 51pc last year but still a significant figure.
More worryingly, nearly 70pc of those experiencing burnout said they have considered leaving their job as a result. This figure is up from 65pc in 2021.
However, VMware said organisations are working to combat this. More than two-thirds of respondents stated their workplaces have implemented wellness programs to address burnout.
“In order to defend against the broadening attack surface, security teams need an adequate level of visibility across workloads, devices, users and networks to detect, protect, and respond to cyber threats,” said Chad Skipper, global security technologist at VMware.
The most common form of these cyber threats is ransomware, often from e-crime groups operating on the dark web.
Nearly 60pc of respondents have encountered such attacks in the past 12 months and two-thirds have encountered affiliate programs and partnerships between ransomware groups as prominent cyber cartels continue to extort organisations through double extortion techniques, data auctions, and blackmail.
“When security teams are making decisions based on incomplete and inaccurate data, it inhibits their ability to implement a granular security strategy, while their efforts to detect and stop lateral movement of attacks are stymied due to the limited context of their systems,” Skipper added.
10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.
Source by www.siliconrepublic.com