That means CISOs must make sure systems try to distinguish between automated and man-made attacks. And to test manual attacks more carefully, Harrigan said.
CISOs should “spend more time” manually checking for attack attempts, he said, as doing so could give the security agency a zero-day mirror, thus giving them the ability to change defenses to try to block attacks in progress. almost at scale following bots.
“Every time [an attacker] you take away a piece of armor, somebody figures out how to build a better piece of armor,” Harrigan said. “It’s always a cat and mouse game.”
The Lexis-Nexis report – available here – also identified the 2023 areas most likely to start attacks as “parts of Southeast Asia. [that] they are the designated homes of remote scam centers. Cybercriminals love the border areas of Cambodia, Myanmar and remote areas of Thailand.”
Addressing fraud and scams, rather than cybercrime in general, the report noted several trends over the past few years.
“In APAC, third-party account takeovers are stronger than ever in 2022, driven by an ongoing pandemic across the region that is currently fueling unauthorized fraud attempts, unlike the authorized transfer scams seen in EMEA,” LexisNexis researchers wrote. “Bonus abuse has worsened in both EMEA and LATAM, linked to both gaming and gambling as well as ecommerce. North America saw YOY percentage growth in real identity theft through 2023, offsetting a decline in third-party fraud as a percentage of all classifications.”
Source link