In the first half of 2024, Russia has seen a noticeable increase in the number of cyberattacks carried out through “contractor compromise.” This type of attack occurs when hackers penetrate the network infrastructure of a large company through a vulnerability in the IT vendor’s software. Such attacks are dangerous because they allow attackers to remain in the system undetected for long periods, says Maxim Akimov, head of cyber intelligence at SOC CyberART at Innostage.
When a contractor is subject to such an attack, they lose confidential information, disrupting business processes and causing serious damage to their reputation. For the end customer, often a large corporation, the consequences can be even more serious: data theft, financial losses, and even business disruption that can lead to bankruptcy.
Akimov also said that in the first half of the year, his team detected new critical incidents related to crypto viruses that violated the integrity of corporate data on a monthly basis. There were cases when attackers stayed in the system for 5-7 months, studied the protection and chose the right moment for the attack. To protect against such threats, companies are advised to grant contractors only the necessary access rights and create “buffer zones” on the borders of IT systems.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.