Request A Demo
  • Blog Post

Increased Risk of Foreign Cyber Attacks

In April, we alerted customers that hackers are planning to use zero day exploits to take over unpatched Windows XP machines and use them as botnets in coordinated DDOS attacks. This cyber attack alert discusses a new threat that is also related to Windows XP vulnerabilities.

According to our sources, government agencies believe the current risk of foreign cyber attacks is at an all time high. Groups from China, Russia, and the Middle East are suspected to be planning cyber attacks against US organizations. Intentions vary by group and they are driven by both political and criminal motivations. For example, tension over Ukraine is thought to be behind possible Russian attacks.

The threat being most frequently discussed is a massive DDOS attack with the intent of distracting organizations while hackers launch malware attacks. The successful installation of malware is the real threat and likely targets are the large numbers of Window XP machines that are no longer being patched for security vulnerabilities. Many organizations have large numbers of medical devices, ATMs, and control systems that use the XP operating systems.

Recommendations:

  1. Scan regularly. Patch or add compensating controls where and when possible.
  2. Use Vulnerability Management tools to tag assets that cannot be patched.
  3. Maintain updated signatures on Intrusion Protection Systems.
  4. Use a SIEM system or service to model unpatched assets and monitor for IOC (Indicators of Compromise) and CnC (Command and Control) via log and traffic correlation with Threat Intelligence and Reputation data sources.
  5. Automate blocking of suspicious traffic from malicious IPs.
  6. Use cloud-based redirection services to mitigate DDOS attacks. Understand the bandwidth of these services to ensure your vendor is not vulnerable to being overwhelmed by a large scale global attack.
  7. If practical, group vulnerable Windows XP machines in dedicated subnets and take machines off line during a DDOS attack.
  8. Develop contingency plans to deal with this threat and manual workarounds if Windows XP devices are not available.

Our intelligence is the scale of these attacks could be very large and we recommend you take proactive action to protect your organization.

Please contact us for further information or advice.

Recent Blog Posts

Stay Ahead of Evolving Threats

Signup for our free newsletter and receive invaluable threat notifications from our Threat Intelligence team.

By submitting this form, you agree to the Proficio Website Terms of Use and the Proficio Privacy Policy.

REQUEST A DEMO

Experience Tomorrow’s
Security Today

Request a Demo and Experience Proficio's
Innovative Solutions in Action.

By submitting this form, you agree to the Proficio Website Terms of Use and the Proficio Privacy Policy.

North America

+1.800.779.5042
info@proficio.com

APAC

+65.6996.9185

EMEA

+34.937.370.358

Services

ProSOC MDR
Risk Based Vulnerability Management
Cyber Exposure Monitoring
Active Defense Response
View All Services

Partners

Partner Login
Channel Partners
Technology Partners
MSP Partners
Become A Partner

Stay Ahead of Evolving Threats

Signup for our free newsletter and receive invaluable threat notifications from our Threat Intelligence team


By submitting this form, you agree to the Proficio Website Terms of Use and the Proficio Privacy Policy.

Solutions

24/7 Security Operations
Accelerate Your SIEM Deployment
Identify Targeted Attacks
Mitigate Threats to Prevent Breaches
Improve MTTD & Reduce False Positives
Protect Your Identities
Protect Your Endpoints

 

Protect Your Cloud 
Protect Your Network
Meet Cyber Insurance Requirements
Enhance Reporting & Business Intelligence
Compliance Assurance

Resources

Resource Center
Guides
Case Studies
Reports 
Datasheets
Videos
Webinars
White Paper

Company

About Us
Leadership
Awards
Blog
Press Releases
News
Events
Careers
Contact Us

© 2024 Proficio. All Rights Reserved. Privacy Notice & Cookie Policy | Terms of Use