Skip to content

Discerning Data

  • About Us
  • Additional Resources
  • Contact Us

DISCERNING DATA

A Faegre Drinker Blog Covering the Latest in Privacy, Cybersecurity and Data Strategy

  • Privacy
  • Cybersecurity
  • Data Strategy
  • Disruptionware

Discerning Data Cyber Vulnerability Alert: Four Emerging Cyber Threats

Share

According to several recent media reports, malicious cyber actors have begun to utilize four new types of cyberattacks as part of their current destructive repertoire. The website www.databreachtoday.com noted that these new attacks are “significantly reshaping the threat landscape that CISOs have to deal with.”

These four new emerging cyberattacks are identified as:

  1. Defensive Evasion;
  2. Triple Extortion;
  3. Wiper Malware; and
  4. Accelerated Exploit Chain.

Defensive Evasion consists of multiple techniques used by attackers to avoid detection throughout the compromise of a victim’s network. Researchers have identified approximately 37 known evasion techniques, including uninstalling or disabling security software. Another well-known defensive evasion technique includes obfuscating and/or encrypting data and scripts inside the victim’s network.

In a triple extortion cyberattack, ransomware operators:

  1. Access and exfiltrate confidential data from the victim’s network;
  2. Release malware that encrypts the victim’s data; and
  3. Threaten to inform and extort the initial victim’s business partners, shareholders and suppliers about the incident.

Wiper malware is especially disturbing. A wiper attack involves the wiping, overwriting and/or removal of data from the victim’s network. These particular attacks are not motivated by monetary gain but are purely destructive in nature. Wiper malware is also used to “cover the tracks” of cyber threat actors who are exfiltrating data from a victim and want to ensure there is no digital trail to follow during the follow-up investigation of the incident. Wiper attacks are also known as “disruptionware” attacks and you can learn more about them here.

Finally, accelerated exploit chain attacks (also known as vulnerability chains) are becoming increasingly common. Instead of trying to use a “single point of compromise” during the scope of the cyberattack, the exploit chain uses a series of multiple exploits simultaneously that expand the scope of the intrusion attempt’s attack matrix to compromise victims and their data.

While these are not the only emerging cyberattack threats on the horizon, these attacks have become much more prevalent. Vigilance and strong cyber hygiene defenses are critical to defending yourself and your data from these emerging cyber threats.

The material contained in this communication is informational, general in nature and does not constitute legal advice. The material contained in this communication should not be relied upon or used without consulting a lawyer to consider your specific circumstances. This communication was published on the date specified and may not include any changes in the topics, laws, rules or regulations covered. Receipt of this communication does not establish an attorney-client relationship. In some jurisdictions, this communication may be considered attorney advertising.

About the Author: Jason G. Weiss

Jason G. Weiss leverages a past career as a cybersecurity and computer forensics Supervisory Special Agent with more than 22 years of decorated service at the FBI to guide clients through the complex and high-stakes issues associated with cybersecurity incident preparedness and response and compliance. View Jason's full bio on the Faegre Drinker website.

About the Author: Jay Brudz

Jay is a partner in the firm's Government & Regulatory Affairs group. Read Jay's full bio on the Faegre Drinker website.

Receive Email Alerts to New Articles

SUBSCRIBE

June 21, 2022
Written by: Jason G. Weiss and Jay Brudz
Category: Cybersecurity
Tags: cyberattack

Post navigation

Previous Previous post: What Are Social Engineering Attacks? How Can You Protect Yourself? – A Faegre Drinker on Law and Technology Podcast
Next Next post: New York Department of Financial Services Announces $5 Million Penalty in Most Recent Cybersecurity Enforcement Action

Search the Blog

Sign Up for Email Alerts

PODCASTS

Faegre Drinker on Law and Technology

©2023 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

  • About Us
  • Additional Resources
  • Contact Us
We use cookies to improve your experience with our website. By browsing our site, you are agreeing to the use of cookies. For more information about how we use cookies, please review our privacy policy and cookie policy. OK
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT