Some research The Record caught and highlighted. In a paper titled “An Empirical Assessment of Endpoint Detection and Response Systems against Advanced Persistent Threats Attack Vectors,” EDR software from 18 vendors was evaluated, and many products were found to fail to detect some of the most common attack techniques used by advanced persistent threat actors, such as state-sponsored espionage groups and ransomware gangs.
The results show that none of the tested EDRs had full coverage for all attack vectors, allowing threat actors a way to slip through a company’s defenses.
Researchers have developed a method for faking an iPhone reboot or shutdown, preventing malware from being removed. The intention – showing that one can never trust that a device is entirely off.
The FTC has warned companies to secure against Log4j vulnerabilities – and that it will take legal action against companies that fail to protect their customers’ data. “The FTC intends to use its full legal authority to pursue companies that fail to take reasonable steps to protect consumer data from exposure as a result of Log4j or similar known vulnerabilities in the future,” the US government agency said.
ISC’s Ransomware Study says the C-Suite is rather confident – just 15% report a lack of confidence in their organization’s protections. Chainalysis’s report said cryptocurrency-based crime hit a new all-time high in 2021… although scams rather than extortion showed the biggest jumps.
Why do we care?
There’s no perfect solution on the software front. Remember that. Are EDRs overhyped? Does all software have limits? Yes.
I’m encouraged by the FTC’s declaration. A minimum bar on the Log4j vulnerability. If a company ignores the issue, they are subject to FTC action. The bar is rising.
That research around the iPhone bug is informational – and additionally scary. An example where it feels like no one asked how the feature could be misused.
Finally, I had to pair the data about confidence next to payouts. There’s still plenty of room for improvement – but more importantly, the C-Suite will spend “enough”. That’s key to understanding what to offer. Not everything… enough.