VIRTUAL DESKTOP TOOLS
VMware | August 09, 2022
At Black Hat USA 2022, VMware, Inc. released its eighth annual Global Incident Response Threat Report, which takes a deep dive into the challenges faced by security teams amid pandemic disruptions, burnout, and geopolitically motivated cyberattacks. Sixty-five percent of defenders state that cyberattacks have increased since Russia invaded Ukraine, according to report findings. The report also shines a light on emerging threats such as deepfakes, attacks on APIs, and cybercriminals targeting incident responders themselves.
“Cybercriminals are now incorporating deepfakes into their attack methods to evade security controls,” said Rick McElroy, principal cybersecurity strategist at VMware. “Two out of three respondents in our report saw malicious deepfakes used as part of an attack, a 13% increase from last year, with email as the top delivery method. Cybercriminals have evolved beyond using synthetic video and audio simply for influence operations or disinformation campaigns. Their new goal is to use deepfake technology to compromise organizations and gain access to their environment.”
Additional key findings from the report include:
Cyber pro burnout remains a critical issue. Forty-seven percent of incident responders said they experienced burnout or extreme stress in the past 12 months, down slightly from 51% last year. Of this group, 69% (versus 65% in 2021) of respondents have considered leaving their job as a result. Organizations are working to combat this, however, with more than two-thirds of respondents stating their workplaces have implemented wellness programs to address burnout.
Ransomware actors incorporate cyber extortion strategies. The predominance of ransomware attacks, often buttressed by e-crime groups’ collaborations on the dark web, has yet to let up. Fifty-seven percent of respondents have encountered such attacks in the past 12 months, and two-thirds (66%) have encountered affiliate programs and/or partnerships between ransomware groups as prominent cyber cartels continue to extort organizations through double extortion techniques, data auctions, and blackmail.
APIs are the new endpoint, representing the next frontier for attackers. As workloads and applications proliferate, 23% of attacks now compromise API security. The top types of API attacks include data exposure (encountered by 42% of respondents in the past year), SQL and API injection attacks (37% and 34%, respectively), and distributed Denial-of-Service attacks (33%).
Lateral movement is the new battleground. Lateral movement was seen in 25% of all attacks, with cybercriminals leveraging everything from script hosts (49%) and file storage (46%) to PowerShell (45%), business communications platforms (41%), and .NET (39%) to rummage around inside networks. An analysis of the telemetry within VMware Contexa, a full-fidelity threat intelligence cloud that’s built into VMware security products, discovered that in April and May of 2022 alone, nearly half of intrusions contained a lateral movement event.
“In order to defend against the broadening attack surface, security teams need an adequate level of visibility across workloads, devices, users and networks to detect, protect, and respond to cyber threats, When security teams are making decisions based on incomplete and inaccurate data, it inhibits their ability to implement a granular security strategy, while their efforts to detect and stop lateral movement of attacks are stymied due to the limited context of their systems.”
Chad Skipper, global security technologist at VMware
Despite the turbulent threat landscape and rising threats detailed in the report, incident responders are fighting back with 87% saying that they are able to disrupt a cybercriminal’s activities sometimes (50%) or very often (37%). They’re also using new techniques to do so. Three-quarters of respondents (75%) say they are now deploying virtual patching as an emergency mechanism. In every case, the more visibility defenders have across today’s widening attack surface, the better equipped they’ll be to weather the storm.
VMware conducted an online survey about trends in the incident response landscape in June 2022, and 125 cybersecurity and incident response professionals from around the world participated. Percentages in certain questions exceed 100 percent because respondents were asked to check all that apply. Due to rounding, percentages in all questions may not add up to 100 percent.
In addition to VMware’s presence at Black Hat USA 2022, there will be more than 100 security talks at VMware Explore, the global multi-cloud industry event taking place August 29 – September 1, 2022 at Moscone Center in San Francisco. Register today to begin building your agenda.
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.
VIRTUAL DESKTOP STRATEGIES
VMware | June 29, 2022
VMware, a U.S.-based cloud computing and virtualization technology company, announced the introduction of VMware vSAN+ and VMware vSphere+ to assist organizations in extending hybrid cloud services on-premises, simplifying operations with centralized structures, and increasing developer speed with integrated Kubernetes.
Launched as a technology preview named Project Arctic at VMworld 2021, these novel solutions help enterprises bring the benefits of the cloud to their existing on-premises infrastructure by providing a flexible subscription model, access to new hybrid cloud services, and centralized cloud-based infrastructure management.
"VMware vSphere+ and VMware vSAN+ represent the next major evolution of those foundational solutions that customers know and trust." He added, "Wherever customers are on their digital transformation journey and in executing their cloud strategy, vSphere+ and vSAN+ will help accelerate their transformation by bringing the benefits of cloud to their existing on-premises infrastructure and workloads, along with simplified consumption via a flexible subscription model."
Krish Prasad, senior vice president and general manager for VMware Cloud Platform Business, Cloud Infrastructure Business Group, VMware
VMware vSAN+ and VMware vSphere+ are critical parts of the VMware Cloud strategy to provide compatible infrastructure with value-added proficiencies across distributed environments. These solutions allow organizations to activate add-on hybrid cloud services.
Gary Chen, IDC Research Director, Software Defined Compute, mentioned, "The transformation of on-premises infrastructure with cloud services is an emerging modernization trend that IDC is seeing draw significant interest from enterprises." He also said, "By enabling the ubiquitous datacenter hypervisor with cloud services, users will be able to onboard innovative capabilities that can be delivered immediately and fully managed from the cloud to address a broad range of pain points such as management efficiency, scale-out Kubernetes operations, and DR. The future possibilities of this delivery model, such as with vSphere+ and vSAN+, are endless and can be a key tool for enterprises to modernize their existing infrastructure quickly with minimal burden."
"VMware vSphere+ blurs the line between on-premises and cloud," stated Vishal Gupta, CIO for Lexmark. "The combination of cloud operating model with familiar toolsets will be a big win for us."
VIRTUAL DESKTOP STRATEGIES
VMware | June 17, 2022
VMware, Inc. announced today that it is assisting Centrica in its aim to help consumers live more sustainably, easily, and inexpensively by improving insight into the company's cloud-native apps running on Amazon Web Services (AWS). Centrica can receive deeper insights and trends into their platforms thanks to VMware Tanzu Observability by Wavefront, enabling an easier road to new products and services. Centrica uses VMware to provide analytics through easy dashboards on smart home apps, allowing its clients to utilize energy more effectively.
Tanzu Observability gives Centrica a consistent perspective of their various, dispersed AWS environments, enabling them to swiftly obtain actionable business information (BI) and keep business-critical services operational for their customers. The Centrica team used Tanzu Observability to address problems that impeded app development early in the lifecycle. Tanzu Observability also promotes a uniform approach to security and, according to the business, has assisted Centrica in achieving a 25% decrease in monthly cloud costs by aggregating underutilized resources.
“We needed to monitor the performance of our AWS infrastructure and empower the development team with a better understanding of customer demands. Tracking trends and patterns in customer behavior is vital to develop new releases that are more relevant to customers. We adopted Tanzu Observability to set up alerts, troubleshoot problems, and provide meaningful real-time dashboards to monitor system health. In turn, we were able to shift from reactive to proactive IT management and our teams were able to focus on delivering new services to our customers.”
Christopher Livermore, head of operations at Centrica
Tanzu Observability provides enterprises with a complete view of their whole AWS infrastructure, including AWS Lambda and Amazon Elastic Kubernetes Service (EKS), with easier AWS Marketplace consumption. Customers of both VMware and AWS can benefit from increased visibility and extra insights into AWS, on-premises, and hybrid environments with Tanzu Observability at every point of their cloud journey. With out-of-the-box dashboards and alert conditions, AWS clients can quickly see metrics, events, tracing, or other data sources as a first glass pane for quicker problem identification and resolution with applied intelligence throughout their whole stack.
Ajay Patel, senior vice president and general manager, Modern Applications & Management Business Group, VMware said that, “Businesses today are defined by the digital services they deliver. Tanzu Observability is empowering developers at organizations who are optimizing their application modernization efforts on AWS for speed, quality, and security in support of their journey to become a digital enterprise. Providing Tanzu Observability through AWS Marketplace gives our joint customers the flexibility to scale their observability needs as they progress along their AWS cloud journey.”