Resources – CyberSOC Threat Statistics

The affected IT assets or services are not configured with the minimum security requirements based on the latest industry standards or best practices to minimize the exposure to the latest cyber threats. This exposure category would also indicate that your IT assets or services are in default configuration state thus becoming the easy targets to the threat actors.

This exposure category indicates that there are vulnerabilities identified due to the outdated components used on your IT assets or services.

There are vulnerabilities and security risks identified on the third party infrastructure that are associated with your organization’s IT assets or services. Third party risks may have direct or indirect impact to the confidentiality, integrity and availability of your IT services and overall business reputation.

The exposure of your user accounts information such as the email addresses of your users in the recent data breach of public sites. The exposed user credentials are highly susceptible to credentials stuffing, account takeover (ATO) and phishing attacks.

This exposure category indicates that your IT service users or customers may be susceptible to phishing attacks that use domain spoofing or phishing techniques to trick them into revealing their login credentials.

This exposure category refer to an intended target of a DDoS attack and misconfigured network services, which are vulnerable to DDoS reflection often over UDP.

This category indicates the data breach of the IT assets or services that involves the Personal Identifiable Information (PII) of your IT users or consumers.

This data of this exposure category is associated with the IP, domain or website reputations of your organization that are categorized as malicious or blacklisted by various cyber intelligence communities. Data is also obtained to identify the leech or pirate websites that are resembling your organization which would have direct branding and reputation impact to your business.

The observations of this exposure category indicate that unauthorized use of your brand, trademark infringement and impersonation on various platforms, including social media and mobile app stores, that lead to confusion, deception, or mistakes about the source of your goods and services.

The observations in this exposure category are related to unauthorized entities gaining access to your organization’s IT systems. Specifically, these observations indicate that one of your assets is compromised and communicating with sinkholes, command-and-control (C&C) servers, or engaging in malicious activities such as attacking other systems within your network or acting as a source of spam and phishing. This can occur through various attack vectors, including malware, phishing, or exploiting unpatched services. Once a system is compromised, threat actors can exfiltrate sensitive information, deploy ransomware, or use the compromised system as a launchpad for further attacks. In the event of a compromise, an emergency incident response and a thorough security breach/compromise assessment are necessary to contain and mitigate the active threats.

Miscellaneous is to cater for the branding and other specific cyber risk monitoring requirements customized for certain customers.