Threat groups have exploited ubiquitous but easily exploited vulnerabilities such as Log4j and ProxyShell, which offer multiple routes into the same organization. Due to the continued commercialization of cybercrime, what was once a one-on-one battle between a bad actor or gang and a network has evolved into a many-on-one attack on a vulnerable system or network.
Anyone, even with limited technical knowledge, can capitalize on proven exploits, whether by working with initial access brokers (criminal groups that find vulnerabilities in companies and sell that access to others) or by leveraging ransomware-as-a-service offers or phishing kits. So one vulnerability can lead to many attacks.

Reducing the likelihood of repeat violations

Cybersecurity leaders who want to mitigate the risk of repeated attacks on their organization need to consider not only technology vulnerabilities and solutions but also people and processes.
The following measures can reduce the likelihood of multiple attacks:

Insist on postmortems

Conducting root-cause analysis of successful attacks is critical and something Mimecast does extensively to continuously improve its own email gateway solution. All too often, however, security teams are so busy responding to an incident and cleaning up, and so exhausted, that a full review of the people, processes and technology that may have led to the attack is overlooked.

Adopting pre-checks

Pre-checks, a technique used in project management to identify and mitigate risk, can be an equally effective way to eliminate the vulnerabilities that lead to repeated attacks.