Home > News > featured news > VMware Report Warns of Deepfake Attacks and Cyber Extortion

Virtual Desktop Tools

VMware Report Warns of Deepfake Attacks and Cyber Extortion

VMware | August 09, 2022 | Read time : 03:15 min

At Black Hat USA 2022, VMware, Inc. released its eighth annual Global Incident Response Threat Report, which takes a deep dive into the challenges faced by security teams amid pandemic disruptions, burnout, and geopolitically motivated cyberattacks. Sixty-five percent of defenders state that cyberattacks have increased since Russia invaded Ukraine, according to report findings. The report also shines a light on emerging threats such as deepfakes, attacks on APIs, and cybercriminals targeting incident responders themselves.

“Cybercriminals are now incorporating deepfakes into their attack methods to evade security controls,” said Rick McElroy, principal cybersecurity strategist at VMware. “Two out of three respondents in our report saw malicious deepfakes used as part of an attack, a 13% increase from last year, with email as the top delivery method. Cybercriminals have evolved beyond using synthetic video and audio simply for influence operations or disinformation campaigns. Their new goal is to use deepfake technology to compromise organizations and gain access to their environment.”

Additional key findings from the report include:
Cyber pro burnout remains a critical issue. Forty-seven percent of incident responders said they experienced burnout or extreme stress in the past 12 months, down slightly from 51% last year. Of this group, 69% (versus 65% in 2021) of respondents have considered leaving their job as a result. Organizations are working to combat this, however, with more than two-thirds of respondents stating their workplaces have implemented wellness programs to address burnout.

Ransomware actors incorporate cyber extortion strategies. The predominance of ransomware attacks, often buttressed by e-crime groups’ collaborations on the dark web, has yet to let up. Fifty-seven percent of respondents have encountered such attacks in the past 12 months, and two-thirds (66%) have encountered affiliate programs and/or partnerships between ransomware groups as prominent cyber cartels continue to extort organizations through double extortion techniques, data auctions, and blackmail.

APIs are the new endpoint, representing the next frontier for attackers. As workloads and applications proliferate, 23% of attacks now compromise API security. The top types of API attacks include data exposure (encountered by 42% of respondents in the past year), SQL and API injection attacks (37% and 34%, respectively), and distributed Denial-of-Service attacks (33%).

Lateral movement is the new battleground. Lateral movement was seen in 25% of all attacks, with cybercriminals leveraging everything from script hosts (49%) and file storage (46%) to PowerShell (45%), business communications platforms (41%), and .NET (39%) to rummage around inside networks. An analysis of the telemetry within VMware Contexa, a full-fidelity threat intelligence cloud that��s built into VMware security products, discovered that in April and May of 2022 alone, nearly half of intrusions contained a lateral movement event.

“In order to defend against the broadening attack surface, security teams need an adequate level of visibility across workloads, devices, users and networks to detect, protect, and respond to cyber threats, When security teams are making decisions based on incomplete and inaccurate data, it inhibits their ability to implement a granular security strategy, while their efforts to detect and stop lateral movement of attacks are stymied due to the limited context of their systems.”

Chad Skipper, global security technologist at VMware

Despite the turbulent threat landscape and rising threats detailed in the report, incident responders are fighting back with 87% saying that they are able to disrupt a cybercriminal’s activities sometimes (50%) or very often (37%). They’re also using new techniques to do so. Three-quarters of respondents (75%) say they are now deploying virtual patching as an emergency mechanism. In every case, the more visibility defenders have across today’s widening attack surface, the better equipped they’ll be to weather the storm.

Methodology
VMware conducted an online survey about trends in the incident response landscape in June 2022, and 125 cybersecurity and incident response professionals from around the world participated. Percentages in certain questions exceed 100 percent because respondents were asked to check all that apply. Due to rounding, percentages in all questions may not add up to 100 percent.

VMware Explore
In addition to VMware’s presence at Black Hat USA 2022, there will be more than 100 security talks at VMware Explore, the global multi-cloud industry event taking place August 29 – September 1, 2022 at Moscone Center in San Francisco. Register today to begin building your agenda.

About VMware
VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.

Spotlight

VMware SD-WAN Edge platform specifications

VMware SD-WAN™, a fundamental component of VMware SASE™ (Secure Access Service Edge), offers converged cloud networking and security services to achieve flexibility, agility, and scale for enterprises of all sizes. VMware SD-WAN is built on software-defined networking principles to address end-to-end automation, application continuity, branch transformation, and security from the edge to the data center and the cloud

More featured news

Spotlight

VMware SD-WAN Edge platform specifications

Related News

Virtual Desktop Tools, Virtual Server Infrastructure

MacStadium Secures Two Patents to Further Expand Innovation Across Apple Enterprise Cloud Deployments

businesswire | July 13, 2023

MacStadium, the industry-leading Mac private cloud and software-as-a-service provider enabling macOS workloads, today announced it has secured two patents: one for injection molded “helmets” providing keyboard, video and mouse (KVM) and precise power button control remotely, and one for a new rack shelving design with optimizing server density along with the KVM system. MacStadium’s helmets, which sit atop a Mac mini or Mac Studio, are specifically designed to retrofit the company’s current shelving offering. Leveraging 3D printing technology to rapidly prototype and refine the design, this innovation dramatically reduces time-to-market and yields very low cost per unit. While the helmets remain compatible with former shelving solutions, the new shelf design offers six times the server density of older Mac Pro racks and 50% more server density than existing Mac mini racks. Additionally, each Mac server is provisioned with an Apple-focused KVM device providing significant capabilities and advantages while slashing rack shelving costs by 50% or more. “These patents offer an exciting glimpse into how much we have grown and evolved our technology to better service our customers with scalability on-demand and faster deployment made possible via our enterprise hardware program,” said Paul Benati, MacStadium’s senior vice president and COO. “MacStadium has been and remains at the forefront of Apple enterprise innovation. As the first to market with new Apple servers, we continue to innovate, prioritizing reduced system friction, increased customer ease and satisfaction and decreased costs.” MacStadium’s proprietary helmet - which is currently in production - houses a temperature probe, LED light, OLED display and a servo, which allows for granular remote control of Apple devices’ power button. These KVM devices can remotely control the Apple devices to which they are connected, eliminating the need for customers to request server control and for IT teams to physically go to data centers to correct issues. With these remote control and self-service features, customers unlock new capabilities, including the ability to dynamically define the purpose of the Apple device, access to network storage and the long-awaited ability to run FileVault. The KVM system is securely accessed via SSL, SSO integration and authentication and authorization via lightweight directory access protocol (LDAP). The shelving system, which will soon begin production, is designed to hold 24 Mac minis and 24 Apple-focused KVM devices, increasing the capacity of a standard rack to 144 Mac minis. In addition to increased operational efficiencies and secure server access from anywhere in the world, the shelving design offers tremendous cost savings due to its injection molded manufacturing. Not only is this manufacturing offered globally by a multitude of vendors, but it also allows for reduced shipping costs and more server density per square foot due to the product’s reduced bulk and weight. These innovations provide a clear competitive advantage for customers and are just some of the foundational elements of MacStadium's offering, aimed at driving Mac compute to customers via self-service. The patents come after MacStadium announced Orka Workspace with Pulse, designed to enable high-definition audio and visual streaming on virtual Mac desktops via any HTML5-supported browser. In addition, the company recently made public its Orka Small Teams edition, a self-service purchase option, giving MacDevOps teams immediate access to the industry’s leading enterprise-grade macOS virtualization and orchestration tool. As tech companies look to streamline operations and maximize their resources, this automation is critical to remain competitive. About MacStadium Founded in 2011 and headquartered in Atlanta, MacStadium is a private Mac cloud provider delivering scalable and secure enterprise cloud solutions exclusively for macOS. The company’s suite of advanced software-enabled infrastructure, combined with its innovative technology, delivers the security, performance, reliability and flexibility its MacDevOps customers require for successful app development on Apple devices. Powered by MacStadium, Orka® (Orchestration with Kubernetes on Apple) Platform is the only virtualization layer available for Mac build infrastructure based on popular Docker and Kubernetes technology. MacStadium is a Summit Partners portfolio company with multi-site operations in the U.S. and EU.

Server Virtualization, Security

Syncro Expands Its Offering with a New Team Plan and Features Targeting Growing MSPs

businesswire | August 11, 2023

Syncro,an all-in-one professional services automation (PSA) and remote monitoring and management (RMM) platform for managed service providers (MSPs), today announces the addition of the newTeam plan for MSPs. Syncro is providing this new premium tier plan to equip growing MSPs with more advanced features and onboarding support that will help them better manage their team’s tasklist and business growth. The new Team plan is designed for MSPs with multiple technicians and empowers them to organize and automate their workflows how they choose. The plan includes PowerBI reports with in-depth data aggregation and insights, more automation, stronger remote access capabilities, and ticket workflow enhancements offering more management oversight. The Team plan also provides more support convenience, giving MSPs the ability to schedule one on one troubleshooting sessions with Syncro technicians. The addition of the Team plan allows MSPs to take advantage of features that will help them to solve the challenges that come with managing a growing business efficiently with many technicians and even more clients. This powerful plan offers the following benefits and features: Enhanced Splashtop: Includes multi-monitor support and multiple techs per session. Azure AD sync: Seamless integration with Azure AD to enable contact syncing and Microsoft 365 billing automation. Real-time ticket automations & assignments: Streamlines your service desk operations. PowerBI integration: Facilitates advanced analytics and business intelligence. Scheduled database exports: Automatically export your Syncro data to a database of your choosing. Personalized support and onboarding experience: Enjoy scheduled callbacks for technical issues and implementation experts to help you onboard. The Team plan is available for $189/user/month. Syncro's current base plan (now renamed as Core) at $139/user/month is still available with all existing features, and at the same price. Both the Core and Team plans offer a no-contract monthly per user price, with unlimited endpoints and access to the entire Syncro platform including PSA/RMM and remote access functionality. “Syncro’s first priority has been and will always be helping MSPs expand their business – from MSPs who are just starting out to MSPs who are well-established and experiencing rapid growth. The launch of the Team plan and the newest features is a direct result of listening to the needs of our growing partners and just another way we are supporting MSPs and enabling them to be more profitable,” said Emily Glass, CEO of Syncro. About Syncro Syncro's all-in-one PSA, RMM, and remote access software helps managed service providers (MSPs) run more efficient and profitable businesses. Pricing is refreshingly simple, with no contracts and flat per user pricing. A technology company with a human heart, Syncro is committed to diversity, inclusion, belonging and fair practices that benefit everyone—from customers and employees to the industry at large.

Virtual Desktop Tools, Virtual Server Management

Kajeet Showcases 5G Portfolio of EdTech Products at International Society for Technology in Education (ISTE)

Kajeet | June 26, 2023

Kajeet®, the leading wireless connectivity and device management provider for education, government, and commercial markets, today unveiled its growing 5G EdTech portfolio at the prestigious ISTELive 23 Conference in Philadelphia. This collection of education connectivity solutions harnesses 5G technology to empower teachers and students with faster connectivity, enabling them to embrace the full potential of today's digital learning. ISTE, considered one of the largest events in the United States for educators to learn about technology in education, offers the ideal opportunity to demonstrate to the EdTech community how Kajeet remains at the forefront of providing reliable and secure internet connectivity solutions to bridge the digital divide. "Kajeet is proud to introduce our 5G Portfolio at ISTE. These innovative products represent a significant milestone in educational connectivity," said Michael Flood, senior vice president of public sector at Kajeet. "We are committed to ensuring that teachers and students have access to reliable, high-speed internet wherever they learn." The comprehensive 5G Portfolio from Kajeet is comprised of a range of cutting-edge devices, each tailored to meet the unique needs of educators and learners alike. The latest models being showcased include: Kajeet 5G SmartSpot: This education-ready WiFi hotspot helps bring digital equity to students and provides easy implementation for schools to prioritize digital education. With faster speeds, students can easily master digital skills as part of their education journey. Kajeet SmartBus 5G: Kajeet offers a secure and reliable mobile router designed to seamlessly connect students to a portable and reliable WiFi hotspot on wheels that turns travel time into an extension of the classroom. Kajeet 5G Fixed Wireless: Kajeet Fixed 5G Internet Gateway router ensures a reliable and high-speed connection for homes, remote facilities, community centers, and outdoor locations for primary internet access. Designed to bring lightning-fast internet connectivity to students, this affordable solution can support multiple devices simultaneously. Evolve III T-3 Pro Touch 5G LTE Notebook: Kajeet has partnered with Evolve III to offer a Windows 11, touchscreen notebook with built-in 5G & LTE capabilities. Kajeet offers coverage from all major US wireless networks and is currently taking pre-orders for Q4 delivery. All Kajeet 5G education solutions include CIPA-compliant filtering to keep students safe and on-task, as well as Kajeet's award-winning device and data management platform, Sentinel®, which allows administrators to manage devices and data allocations, access controls and gain key insights into program performance. The Kajeet 5G portfolio of products will be on display at Booth #2856 at ISTELive 23 this week. The Kajeet education team will provide detailed demonstrations and answer any questions for technology decision makers looking to bring the next generation of tools to their students. About Kajeet Kajeet provides optimized IoT connectivity, software and hardware solutions that deliver safe, reliable, and controlled internet connectivity to nearly 3,000 businesses, schools and districts, state, and local governments. Kajeet's private network solutions simplify private wireless to allow customers to design, install and manage their own private wireless networks. Kajeet's award-winning management platform, Sentinel®, includes visibility into real-time data usage, policy control management, custom content filters for added security, and multi-network flexibility. Since 2003, Kajeet has helped thousands of organizations connect over a million devices around the world.