Cybercriminals are living off the land, and it is costing organizations a lot of money. This is the stark reality facing many enterprises today as they confront the persistent threat of ransomware attacks and the need to pay exorbitant sums of money to recover valuable data.
Martin Zugec, director at Bitdefender, spoke with theCUBE about ransomware attacks during Black Hat USA.
“Living Off The Land” attacks exploit trusted, built-in system utilities, allowing malicious attackers to carry out operations unnoticed. Cybersecurity companies such as Bitdefender SRL have focused their efforts on helping organizations combat stealthy threat actors who carry out costly ransomware attacks.
“Ransomware affects everyone today,” said Martin Zugec (pictured), technical solutions director at Bitdefender. “You have less than 24 hours to patch it now or they get inside. Once they get inside, very often it can take weeks or maybe months when nothing happens because what we are seeing is that they are attacking so many companies in such a short time that they need to go over them and it takes some time. More and more threat actors, ransomware affiliates, are pretty much completely switching to only using the ‘Living Off The Land’ attack.”
Zugec spoke with theCUBE’s Jackie McGuire at the Black Hat USA event, during an exclusive broadcast on theCUBE, News Media’s livestreaming studio. They discussed how Bitdefender is helping organizations deal more proactively with cyber threats. (* Disclosure below.)
Proactive hardening against ransomware attacks
In a report released in June, Bitdefender found that among 700,000 security incidents, 85% of high-severity incidents featured “Living Off The Land” techniques, according to Zugec. To combat this trend, the company launched GravityZone PHASR, which enables proactive hardening and attack surface reduction to limit the damage caused by ransomware breaches.
“What we are doing with PHASR is that in some cases we are looking at the applications themselves or the tools themselves,” he said. “In many cases, we are only looking at the partial functionality of that tool that we know administrators never use, but attackers are using it. This is all based on our very deep understanding of what the threat actors are doing, what are the playbooks, how they operate [and] what tools they are using at different stages of the kill chain.”
GravityZone PHASR is Bitdefender’s response to a reactive mindset that has impacted the cybersecurity industry. Cybercriminals often follow a playbook of steps that have been largely successful because they anticipate the reaction of organizations to an attack, according to Zugec.
“Many ransomware groups literally have manuals that say you do this in this order and you are done,” he said. “We’ll need to think, ‘I cannot do this, I cannot use this tool, I need to behave differently.’ We as an industry will have to adapt, and we will need to start implementing more preventative controls and proactive security instead of just responding.”
Here’s the complete video interview, part of News’s and theCUBE’s coverage of the Black Hat USA event:
(* Disclosure: Bitdefender SRL sponsored this segment of theCUBE. Neither Bitdefender nor other sponsors have editorial control over content on theCUBE or News.)
Photo: News
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About News Media
Founded by tech visionaries John Furrier and Dave Vellante, News Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
