When an organization is under attack, there are a number of tactics and tools that can be deployed in response. However, cybercriminals are becoming increasingly adept at identifying and countering remediation efforts, a practice known as counter incident response.
According to a new report from VMware, the majority of businesses (63 percent) have been subjected to counter incident response (IR) since the start of the pandemic.
Criminals deployed multiple techniques to counteract defense mechanisms, including security tooling disablement (the most popular technique) and distributed denial of service (DDoS) attacks.
Ever since the start of the pandemic, the report further claims, cyberattacks have grown more sophisticated and devastating. Double extortion ransomware attacks, in which criminals threaten to release encrypted data online if ransom demands are note met, was the most popular new technique last year.
All of this resulted in a mindset change among security teams; it’s no longer a matter of if an attack is launched, but when. Many adopted a proactive mindset, with 81 percent having a threat hunting program in place.
“Cybersecurity is adapting to changing conditions,” said Rick McElroy, Principal Cybersecurity Strategist at VMware Security Business Unit. “The old school mentality is gone. Security teams realize they must change their architectures, adopt a cloud-first mindset, and work together to meet today’s challenges. The path they’re charting is a good one.”