Valid accounts leveraged in most government, critical infrastructure cyberattacks

Fifty-four percent of successful cyberattacks against U.S. government agencies and critical infrastructure organizations have been conducted through the exploitation of valid accounts and credentials, according to The Record, a news site by cybersecurity firm Recorded Future. Spear-phishing was the second most prevalent technique leveraged in attacks, having been successful 33% of the time, a report from the Cybersecurity and Infrastructure Security Agency revealed. Organizations' network borders were able to thwart only 13% of spear-phishing attempts although 78% of malicious links and attachments have been averted at the device level. Despite continuously evolving, attackers' tactics, techniques, and procedures have not been subjected to significant changes, said CISA Risk Operations Federal Lead Gabriel Davis. "This is kind of a good thing because we know where the problems are, we know where we need to address some of our effort. And these are things that can be solved with some small changes throughout the network," Davis added.