Intruders also targeted servers with known vulnerabilities to obtain passwords
Leading cloud-enabled security solutions provider, Barracuda, has released its latest Threat Spotlight report, revealing that cybercriminals continue to exploit businesses by relying on tried and tested tactics and long-standing security weaknesses. The report, based on three months’ worth of detection data from Barracuda’s Intrusion Detection Systems (IDS) used in their Security Operations Centre (SOC), highlights how hackers are leveraging overlooked vulnerabilities and utilizing outdated methods, some dating back 15 years, to gain unauthorized access, install malware, and pilfer sensitive information.
One concerning tactic observed by Barracuda researchers involved attackers exploiting a misconfigured web server, a method first identified in 2008, to gain remote access to vulnerable systems and access sensitive operating system files. Additionally, cybercriminals resorted to a 2003 technique of injecting carefully crafted malicious code into legitimate processes. This allowed them to retrieve confidential data, manipulate operations, and send unauthorized instructions to the target operating system.
Intruders also targeted servers with known vulnerabilities to obtain passwords and user lists or misused legitimate processes to identify active IP connections within a network. Furthermore, disruptive tactics were employed to cause chaos and denial of service. By manipulating online traffic data packets—fragmenting them or reducing their size—attackers overwhelmed communication channels and destination servers, leading to crashes and widespread disruption.
Merium Khalid, Senior SOC Manager, Offensive Security at Barracuda XDR, emphasized, “Security weaknesses don’t have a cut-off date, and the risk is that over time they can become harder to locate and mitigate, reduced to deeply embedded, shadow vulnerabilities in a system or application – and the tactics required to target them don’t need to be new or even sophisticated to succeed.”
Khalid stressed the importance of adopting a multi-layered approach to cybersecurity, employing multiple levels of detection and scrutiny. It is crucial for organizations to identify and address vulnerabilities lurking within their IT environments, understand potential threats targeting them, and possess the capability to respond promptly and mitigate these risks effectively.
As cybercriminals persist in exploiting old tactics and security weaknesses, Barracuda’s Threat Spotlight serves as a stark reminder for businesses to stay vigilant, update their defences, and remain proactive in fortifying their systems against evolving threats in the digital landscape.