CDSA

Palo Alto Networks Explores Today’s Threat Landscape

During the Jan. 31 webcast “Stop Zero-Day Malware with Zero Stress”, Palo Alto Networks stressed that its recently introduced PAN-OS 11.0 Nova software will enable organizations to “stay one step ahead of zero-day threats.”

In January, the company said it believed its vision of offering best-in-class security as part of an integrated network security platform, combined with its commitment to customer success, has helped the company earn a Leader position for the 11th consecutive year.

During the webcast, Palo Alto Networks executives discussed the evolution of today’s threat landscape and how the industry should respond. Hint: By using PAN-OS 11.0 Nova software.

“With the volume and complexity of the threats your organizations face rising exponentially, securing your network has never been more important,” Kevin Dunbar, CMO of Network Security at Palo Alto Networks, said at the start of the presentation.

There have been “recent shifts … related to attackers becoming more efficient and actually using more comprehensive techniques to attack their targets,” according to Wendi Whitmore, SVP, cyber consulting and threat intelligence, at Palo Alto Networks.

“What we’re seeing today is attackers using every angle of a potential attack vector to get the job done,” she said. “So it really seems like what’s old is actually pretty new again.”

There are several reasons for this trend, she said, explaining: “First I think the adoption of remote work and then certainly the complexity of organizations moving to the cloud has really made it more challenging for organizations to defend this growing attack surface that’s coupled with not only defending their threat attack surface. [There is also] this ever-growing expanse of open source vulnerabilities and general vulnerabilities related to the supply chain [that] makes it really difficult to be able to continually defend against this ever-increasing attack vector.”

This is all “coupled with what’s going on in the world – so everything from the war going on in Russia [and] Ukraine, and ransomware attacks, which are happening on a near daily [basis],” she pointed out.

This “really makes it a great backdrop for our cyber threat attackers,” who she said are “leveraging that to fade into the background and really leverage that chaos to continue to successfully conduct attacks.”

Additionally, there is “greater availability of tools than we’ve really ever seen before,” she noted, telling viewers: “We’ve seen an increase in usage of Cobalt Strike, for example, which is a tool that’s been around for ages [but] is actually up in terms of its usage 73 percent year over year. And then there are new tools like Brute Ratel.”

She added: “All of this is also in conjunction with the fact that there’s a dynamic nature of attack groups. So everything from ransomware attackers, switching teams, switching tool sets to new attack groups on the market [that are] leveraging social engineering in ways that become really difficult for enterprise organizations to evade.”

“You laid it out just right,” Chris Krebs, the former and first director of the Cybersecurity and Infrastructure Security Agency (CISA), told her.

“There’s this broader set of environmental factors that are contributing to what certainly feels kind of like a wild west moment out there,” Krebs said. “And it’s not just the bad guys because the bad guys don’t exist in a vacuum. There are conditions that enable their activities and some of those are intentional and some things they drive. But there are other things that we drive as users … that they’re taking advantage of, that they’re organically shifting and adapting to.”

On top of this, companies including BMW and Mercedes are now “selling products within the vehicle that are software-enabled, like heated seats,” he said. “So organizations are rapidly integrating technologies into their business strategies to capture market share going forward.”

He added: “The problem with that approach is that the underlying technologies that we’re baking into these radical digital transformation shifts are unfortunately probably only about as secure as they need to be.”