Formidable threat actors find weakest link to breach data

MACTAN, Cebu — Threat actors are just waiting for the right timing to attack and harvest people’s precious data.

These threat actors do not discriminate as to whose data they violate and their victims could be the most supposedly secure of government agencies.

In an exclusive interview on the sidelines of the VST-ECS CXO Tech Summit on Friday here, Palo Alto country manager Oscar Visaya admitted that threat actors have already evolved in their highest form to go after someone’s data.

“Threat actors nowadays are too good. They find the weakest link in organizations. They find time and the right opportunity to enter and  spread the virus,” he said, adding that there is, indeed, a need to protect organizations by means of looking for the right process, people and technologies.

 

Generative AI

“Right now, generative artificial intelligence is used to send effective phishing emails. And with AI, cyber threats can evolve, that is the reason why we are asking all organizations to go along with the evolution to protect organizations,” Visaya told the DAILY TRIBUNE.

“Legacy technology should be changed to the latest and safest one. This will put organizations to be at par with others. Cybersecurity is all about mindset as all dealings in the future will be digitalized and your organization will be left behind, then the future is not good for you,” added Visaya.

On Monday, Senator Risa Hontiveros filed Senate Resolution 829 which aims to find out why three government institutions were penetrated by hackers, which involves the leaking of individuals’ personal information, raising doubts about the agency’s capability to protect the data of citizens.

 

Endangers Filipinos’ safety and security

“The breach of personal and sensitive information kept by government agencies endangers the safety and security of all Filipinos — leaving us even more vulnerable to increasingly nefarious schemes involving text message spams, online scams, phishing, financial fraud, extortion, blackmail and identity theft,” the resolution read.

Last month, state insurer Philippine Health Insurance Corporation was reportedly attacked by Medusa Ransomware, compromising some members’ personal and sensitive information, such as addresses, and social security numbers, among others.

Also, a separate cyberattack happened on the Philippine Statistics Authority, which announced on 12 October that personal and sensitive data from its Community-Based Monitoring System had been accessed by “bad actors.”

Meanwhile, the website of the House of Representatives was also hacked last Sunday.

In an earlier statement, it said that the attack surface of cloud-native applications is constantly expanding especially in today’s rapidly evolving digital landscape.

 

Fortify security measures

The cybersecurity expert said with adversaries seeking to exploit misconfigurations and vulnerabilities at every step of the application life cycle, it has become more crucial than ever, for organizations, to fortify security measures.

Furthermore, tech research and consulting firm Gartner reported that securing the software delivery pipeline is as important as securing the software that is delivered.

Palo Alto Networks, a leader in the cybersecurity domain, with a presence in the Philippines, introduced the CI/CD Security module to its Prisma Cloud platform.

The CI/CD Security module is a groundbreaking addition to Prisma Cloud, as it offers seamless integration of software delivery pipeline security into organizations’ cloud-native environments.

 

Prevalence of open-source usage

Attacks on software supply chains are on the rise due to the prevalence of open-source usage and the complexity of software dependency, which makes securing the software supply chain difficult.

In 2022, more than 7,300 malicious Open-Source Software packages were discovered across all major package manager registries.

Leave a Reply

Your email address will not be published. Required fields are marked *