Cyber Insiders-v8-web - Flipbook - Page 8
THROUGH THE EYES
OF THE ADVERSARY:
MOVING BEYOND
THE EXTERNAL
ATTACK SURFACE
It is a well-known fact that the
pandemic was a catalyst for our
society’s digital transformation. In
the last few years, we have come to
rely on an ever-expanding pool of
technologies and services that include
more digital channels and increasingly
complex security management.
As a result,organisations’attack surface continues to
grow exponentially.Be itthrough m isconfigurations,
risky corporate userbehaviour,third-party
suppliers,orthe ever-increasing num berofsoftw are
vulnerabilities,the expansion and evolution of
business netw orks introduce greatercybersecurity
risk.In response,organisations need to m ove from
a purely reactionary security strategy to being m ore
proactive.The attack surface m ustbe seen and
understood from the perspective ofan adversary.
8
|
Page
The cybercrim inalunderw orld has becom e
increasingly sophisticated,building an econom y of
its ow n,w ith a w eb ofvendors,investors,suppliers
and buyers.O ne ofthe core service providers w ithin
this econom y is the Access Broker.These are the
m iddlem en w hose job itis to search forentry points
to organisations and sellthem on,m aking iteasier
than everforcybercrim inals to buy theirw ay into
an organisation’s netw ork.O nce an initialfoothold
is obtained,adversaries can im m ediately begin to
perform reconnaissance ofthe organisation’s internal
attack surface.
Assum ing the w orst,thata breach ofthe internal
netw ork is inevitable perm its organisations to m ake
a subtle shiftin m indsetthattransitions them from
a purely defensive and passive strategy to an active
and pre-em ptive fram ew ork forrisk reduction.This
enables them to view the risk to theirinternaland
criticalassets from the perspective ofthe adversary.
C YBER IN SID ERS M AG AZIN E - Vol.2
