Cyber-criminals manipulating reality

Cyber-criminals manipulating reality

A new report from VMware finds that cyber-criminals are manipulating reality via integrity and destructive attacks.

A new report from VMware has found a drastic rise in destructive attacks, where adversaries deploy advanced techniques to deliver more targeted, sophisticated attacks that distort digital reality, be it via business communications compromise (BCC) or the manipulation of time.

“Today, we’re seeing a nexus between nation-states and cybercriminals continue to rapidly advance the development of increasingly sophisticated and destructive cyberattacks, combined with the broadening of the attack surface as a result of COVID-19,” says Tom Kellermann, head of cybersecurity strategy, VMware. “The digital and physical worlds have converged, and everything can be manipulated by modern-day attackers. The reality is that first adopters of advanced technologies, such as artificial intelligence and machine learning, are often cybercriminals on the dark web and in nation-states intelligence communities.”

Defenders are struggling to counter these complex attacks and gain visibility into new environments, such as the cloud, containers, and business communication applications. The report found that defenders are also grappling with mental health concerns and heightened job expectations, with 51% experiencing extreme stress or burnout over the past year.

“Burnout is a huge issue with incident response teams, who are handling a spike in engagements in what is still a largely remote environment,” says Rick McElroy, principal cybersecurity strategist at VMware. “It only further underscores the need for leaders to build resilient teams, whether that means considering rotations of work, empowering individuals to take mental health days, or any number of other initiatives aimed at nurturing personal growth and development.”

Additional key findings from the 2021 Global Incident Response Threat Report include:

  • The nexus between nation-states and e-crime heightens the threat landscape and exploit vulnerabilities: Among those who have encountered ransomware attacks in the past year, 64% witnessed affiliate programs and/or partnerships between ransomware groups. Defenders are also looking for new ways to fight back: 81% said they are willing to leverage active defence in the next 12 months.
  • Advanced techniques are being used to make attacks more destructive and targeted: Respondents indicate that targeted victims now experience destructive/integrity attacks more than 50% of the time. Cybercriminals are achieving this through emerging techniques, like the manipulation of time stamps, or Chronos attacks, which nearly 60% of respondents have observed. Catalysed by the shift to remote work, 32% of respondents also experienced adversaries leveraging business communication platforms to move around a given environment and launch sophisticated attacks.
  • With cloud-jacking on the rise, cloud security remains a top priority: Following the rush to cloud technology amid the pandemic, cybercriminals have continued to exploit these environments. Nearly half (43%) of respondents said more than a third of attacks were targeted at cloud workloads, with almost a quarter (22%) saying more than half were. For this reason, 6 in 10 respondents said cloud security tools are their top priority to implement 

For more information on the evolving threat landscape as well as actionable guidance and recommendations for incident responders and security teams, download the full report here.


VMware conducted an online survey about trends in the incident response landscape in May and June 2021, with 123 cyber-security and incident response professionals from around the world participating in the study. Percentages in certain questions exceed 100% because respondents were asked to check all that apply. Due to rounding, percentages used in all questions may not add up to 100%.

Copyright Lyonsdown Limited 2021

Top Articles

Double trouble: the rising threat of double-extortion ransomware

Ransomware attackers continue to threaten businesses at an increasing scale, speed and sophistication.

The blurring line between nation-state and cyber-criminals

Russia is widely known to be involved in a plethora of cyber-criminal activity.

XDR: Delivering value where SIEMs fail

Implementing an XDR solution means faster detection, and remediation of cyber incidents

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]