Exabeam News Wrap-up – February 1, 2023

Here’s the latest collection of Exabeam topics, headlines, and news coverage. Stay up to date with the Exabeam News Wrap-up! For press releases, articles, awards and all things newsworthy, check out the Exabeam Newsroom.

In this article:

• Another Security Breach at Mailchimp; Customer Support Tools Again Hijacked to Phish Clients, in Third Such Incident in a Year
• Credential Stuffing Attack Impacts About 35,000 PayPal Accounts, Company Says No Unauthorized Transactions Detected
• Cybercrime From Russia and China: What Can We Expect Next?
• Credentials Are the Best Chance To Catch the Adversary
• 2023 Cybersecurity Predictions Round Up: Experts From Within The Industry Share Security Concerns
• Defending OT Against Cyberattacks in 2023
• The Unavoidable Threat: Cybersecurity in 2023
• Exabeam Shares Cyber Learnings and Predictions for the Region

Another Security Breach at Mailchimp; Customer Support Tools Again Hijacked to Phish Clients, in Third Such Incident in a Year

Nearly a year after Mailchimp experienced a similar security breach that targeted its customers’ cryptocurrency wallets, hackers have once more infiltrated the company. Exabeam Chief Information Security Officer Tyler Farrar discusses how businesses can control the risk associated with their vendors and fairly evaluate third parties. “Adversaries are always going to go for the path of least resistance to meet their end goal. The threat actors who conducted this social engineering attack were likely not going after Mailchimp, but the organizations the email platform works with. Rather than attempt to attack each of the customers individually, the adversary probably figured it would be easier to break through into Mailchimp. Unfortunately, attacks like these are going to become more and more common,” he predicts.

Credential Stuffing Attack Impacts About 35,000 PayPal Accounts, Company Says No Unauthorized Transactions Detected 

Within a few days, PayPal was able to identify and stop a credential stuffing attempt. Matt Rider, Vice President, Sales Engineering at Exabeam, emphasizes that this is not common. “The sad fact is that many security operation centers (SOCs) still fail to detect credential-based attacks. A lack of visibility into credential misuse is far more common, which makes PayPal’s efforts here a rare exception to the norm. Organizations generally struggle to spot attackers moving laterally around their networks. The most effective detective capability is the development of a baseline for normal employee behavior, which can specifically assist security teams with identifying the use of compromised credentials for initial access and later maintaining network access.  If you know what normal behavior looks like first, abnormalities are far easier to spot quickly,” he says.

Cybercrime From Russia and China: What Can We Expect Next?

Numerous groups around the world are concerned about nation-state assaults as the war between Russia and Ukraine continues. Tyler Farrar explores what businesses should expect from Russia in 2023. “It was evident even before the start of the Ukraine war that Russia’s economic potential and useful raw materials are completely overshadowed by the United States,” Farrar says. “The country’s leader has a suite of cheap, asymmetric tools at his disposal to execute his foreign policy. These will be utilized across multiple domains to sow discord and division within the United States in an attempt to prove that the country is weak.”

Credentials Are the Best Chance To Catch the Adversary 

There is no defense against legitimate credentials. Humans are not perfect, and that can lead to mistakes. Ralph Pisani shares five tips that SOC teams can use to minimize the threat. “As a result, credentials are both the best and the last chance to catch adversaries. Organizations need to use new strategies and next-generation SIEM platforms with UEBA to detect these attacks and minimize their harm,” he writes.

2023 Cybersecurity Predictions Round Up: Experts From Within The Industry Share Security Concerns 

Tyler Farrar shares his insights on nation-state threat actor patterns and tactics, how the economic downturn will impact security spend, zero trust, and the software supply chain in Enterprise Security Tech. “In 2023, state policies will directly influence cybercriminal and hacktivist communities to obfuscate sources and methods, increasingly blurring the lines between nation-states, cybercriminals, and hacktivists. Cybersecurity teams would be wise to remain flexible with respect to threat actor attribution,” says Farrar.

Defending OT Against Cyberattacks in 2023 

Safeguarding operational technology (OT) requires special considerations. Exabeam Chief Security Strategist Steve Moore discusses how the state of geopolitical activities has increased the likelihood of OT falling victim to nation-state attacks. “With geopolitical changes in the world, we will see an uptick in individual businesses falling victim to nation-state attacks,” says Moore. “We can expect the lines to blur between espionage and criminal activity, as information and attack techniques are shared. Loyalists to certain nations will continue to offer cooperation to these international hacking efforts.“

The Unavoidable Threat: Cybersecurity in 2023

39% of UK businesses have suffered from an attack over the last twelve months. Matt Rider, VP of Security Engineering EMEA at Exabeam, advises it’s vital that organizations don’t confine their identity security to authentication. “Monitoring devices to understand their behavior will be crucial going into 2023,” he argues. “Zero Trust is often cited as the answer to this challenge and, to some extent, that’s correct and highly encouraged. But you also need to truly understand and model user behavior to ensure that even authorized users and their devices are behaving as expected.”

Exabeam Shares Cyber Learnings and Predictions for the Region

Exabeam VP of Sales for APJ Gareth Cox and Director of Alliances for APAC Sean Abbott discuss the current state of cyber risk in the region, based on learnings from 2022 and predictions for the coming year.

Stay tuned for the next issue of the Exabeam News Wrap-up and catch up on previous editions!

5 Ways Exabeam Helps Eliminate Compromised Credential Blindspots

Compromised or stolen credentials are the leading cause of cyberattacks, costing organizations an average of $4.5 million. But with the right tools and approach, you can fight back.

This guide outlines a field-proven combination of behavioral analytics and automated investigation to help your security operations team identify and mitigate threats before they cause significant damage.

• Learn how to detect and prevent credential-based attacks, such as brute force and dictionary attacks, credential stuffing, and phishing.
• Understand how behavioral analytics can help your security team see when a user or entity is operating outside of their normal pattern of behavior, indicating a potential attack.
• Discover the automated investigation capabilities that can help your team quickly identify and respond to threats.

Download the guide now and take the first step in protecting your organization’s valuable data assets.