Malware attacks using machine identities doubled in 2019

Venafi claims machine identity capabilities have been commoditized and added to off-the-shelf malware

Commodity malware campaigns using machine identities are increasing at a rapid pace, according to a Venafi report, which reveals that this type of attack doubled between 2018 and 2019.

According to the Venafi threat intelligence team, malware attacks using machine identities, including high-profile campaigns like TrickBot, Skidmap, Kerberods and CryptoSink, grew eightfold over the last 10 years. In the second half of the last decade, these attacks increased even quicker.

Venafi threat intelligence researcher Yana Blachma states that while machine identity capabilities were once used primarily by high-profile threat actors and nation-state actors, they have since been commoditized and added to off-the-shelf malware.

As a result, Blachman says, these campaigns have become more sophisticated and harder to detect.

“For example, massive botnet campaigns abuse machine identities to get an initial foothold into a network and then move laterally to infect further targets," Blachman explained.

"In many recorded cases, bots download crypto-mining malware that hijacks a target’s resources and shuts down services. When successful, these seemingly simple and nonadvanced attacks can inflict serious damage on an organization and its reputation". 

An uptick in microservices, DevOps projects, cloud workloads and IoT devices on enterprise networks also complicates the misuse of machine identities. Though there are more than 31 billion IoT devices worldwide, the number of connected mobile devices will reach 12.3 billion by 2022. Venafi predicts 500 million new logical apps will be created between 2018 and 2023 too.

To communicate with one another securely, each application and device must have a machine identity to authenticate itself. Machines don’t rely on usernames or passwords to establish trust, privacy or security. Instead, cryptographic keys and digital certificates serve as machine identities. Unfortunately, organizations without such measures in place are already experiencing malware attacks designed to exploit machine identities.

According to Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, human-centric security models are no longer effective in protecting against these threats.

“To protect our global economy, we need to provide machine identity management at machine speed and cloud scale. Every organization needs to ensure they have full visibility and comprehensive intelligence over every authorized machine they are using in order to defend themselves against the rising tide of attacks,” says Bocek.

Featured Resources

Preparing for AI-enabled cyber attacks

MIT technology review insights

Download now

Cloud storage performance analysis

Storage performance and value of the IONOS cloud Compute Engine

Download now

The Forrester Wave: Top security analytics platforms

The 11 providers that matter most and how they stack up

Download now

Harness data to reinvent your organisation

Build a data strategy for the next wave of cloud innovation

Download now

Recommended

What is zero trust?
network security

What is zero trust?

5 Aug 2021
Senate report slams agencies for poor cyber security
cyber security

Senate report slams agencies for poor cyber security

3 Aug 2021
86% of organizations expect a cyber attack in the next 12 months
cyber attacks

86% of organizations expect a cyber attack in the next 12 months

3 Aug 2021
Colonial Pipeline hack spurred copycat attacks on other oil and gas companies
hacking

Colonial Pipeline hack spurred copycat attacks on other oil and gas companies

29 Jul 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Tesla Megapack goes up in flames at Australian battery site
Hardware

Tesla Megapack goes up in flames at Australian battery site

30 Jul 2021
PwnedPiper flaws threaten infrastructure of 80% of US hospitals
Security

PwnedPiper flaws threaten infrastructure of 80% of US hospitals

2 Aug 2021