Anyone who has played a Tower Defense-style game, (Plants Vs. Zombies being a favourite) knows the only way to hold off the hoard of brain-eating zombies is to know your weaknesses before the next wave attacks and to plan accordingly. Oddly, preparing a cybersecurity defense is somewhat similar: the player/organization knows attacks are coming, they have an idea from where and how they will be conducted, and they need to place the proper pieces on the board at the right place to stay safe.

Business Email Compromise (BEC) remains a lucrative threat vector for attackers. The FBI’s IC3 reported that in 2022, they received 21,832 complaints with adjusted losses of over $2.7 billion. When it comes to targeted attacks, threat actor sophistication is evident in their ever-evolving tactics, even as detection capabilities and preventative measures improve. Let’s take a look at the current BEC landscape for the first half of 2023.

Cybersecurity is the pressing concern most organizations face when it comes to securing data, but not every hacker launches an attack from thousands of miles away; sometimes, the threat can walk right in through the front door to gain access to your IT system. Adversaries are not shy about using a more direct approach, which is why an organization should not overlook its physical security plan.

If you're a Microsoft-focused organisation you may be able to leverage the technology you already have to become more secure. Nirvana, for many of the organisations I speak with on a daily basis is to maximise what is already included in their licensing agreement and use the current people already in their IT and security department. This presents a challenge for smaller organisations without the extensive security analyst teams of a big financial institution.

By now, the facts of the recent MOVEit breach are well known (although the victim total keeps climbing), but it never hurts to be reminded that these attacks do not take place in a vacuum and threat actors are more than happy to repeatedly use the same tactics if their targets remain vulnerable. Trustwave SpiderLabs, has tracked and documented these events explaining how threat actors were found to be exploiting three vulnerabilities, including a zero-day, (CVE-2023-34362, CVE-2023-35036.

One of my "pastimes," if you will, is to check out the features of various security tools. I had been curious about Microsoft's Defender for IoT's just-released Firmware Analysis feature. Essentially, I wanted to test its capabilities because, as we all know, adversaries are continuously upping their game making tools like this increasingly important when it comes to maintaining an organization's security.

The UK Government is "committed to helpingreduce vulnerability to attacks and ensure that the UK is the safest place todo business" . One strand of the strategy was an executivebriefing on cyber security to UK businesses – which included a top 10 focusareas for businesses to concentrate on. Within that briefing document, Ian Lovain(The Diretor of GCHQ) put it most frankly, "Value,Revenue and Credibility are at stake. Don't let cyber security become theagenda – put it on the agenda" .

Municipalities are no strangers to cyberattacks, but the introduction and ready availability of malware through ransomware-as-a-service providers has led to an increasing number of attacks against cities and counties. One small sample taken from the past six months revealed that Lowell, Mass., Spartanburg County, S.C. and Suffolk Country, N.Y. were victimized, knocking services offline and causing millions of dollars in recovery costs.

Recently, we’ve seen a noticeable surge in malware cases linked to a malicious payload delivery system known as Gootloader. The group behind this malware is believed to operate a malware-as-a-service operation, exclusively providing a malware delivery service for other threat actors.

Cyberattacks have not only become more frequent, sophisticated, and costly, but they are not about to stop. This means unprepared organizations right now are scrambling to protect their sensitive data and systems and part of this scramble is finding people to staff their open cybersecurity positions. This scenario will become a bit more desperate as forthcoming Australian federal cybersecurity strategy is set to make Australia the most cyber-secure nation in the world by 2030.