Page 50 - Cyber Defense eMagazine April 2021 Edition
Last year was a challenging year for organisations for a number of reasons. Perhaps one of the biggest for businesses is the shift to homeworking on a huge scale. This shift to remote working and increasingly to the cloud has resulted in a larger attack surface area that cyber criminals have capitalized on. In 2020 we saw a resurgence of ransomware attacks and an increase in credential phishing campaigns, as well as new and novel attacks targeting cloud assets and resources. Browsers in particular have become even more tempting targets and are being used to access new applications and cloud services.

Since the first browsers arrived in the 1990s, they have been a target for malicious actors. As they have continued to evolve, so too have the ways hackers exploit their vulnerabilities. In the past, attackers could exploit a security flaw in a minor feature and spread laterally throughout the software stack. Now, once they get in, they have to find ways to move – either by trying to access the core OS of the device or by hijacking the browser process. This requires finding and taking advantage of bugs at different levels of the OS, the browser, and the browser functionality.

While we continue to see new and novel types of attacks, one technique that has persisted is the use of web browser exploits to compromise endpoint systems. Although we don’t see a lot of exploit kits these days, we are seeing more sophisticated attacks that continue to use this infection vector by developing zero days.

Among the zero days that attackers actively exploited in the wild last year, there is a clear shift towards attackers developing more zero days for Chrome. But why is this? For a start, Chrome has the largest market share, so it’s natural that attackers will go after it – and this will only increase in the future. In addition, starting in January 2020, Microsoft’s Edge browser became based on Chromium. Developing an exploit for Chrome now gives attackers a much larger attack surface to go after.

After Google fixed five flaws in Chrome in a span of a month, Menlo Labs published a blog post at the end of last year revealing that a number of customers were still running old versions of the browser. In fact, 83% were still running versions of Chrome that were vulnerable.

Looking at the Chrome browser update cycle across the Menlo Security global customer base, we can see this ‘patch lag’ – the time between a new patch being made available and users installing it.
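
One way to measure the patch lag described above from web-proxy logs, shown as an added example that is not from the original article or from Menlo Security. The build numbers, release date, host names and log records are constructed, and the function names are hypothetical.

```python
import re
from datetime import date

# Constructed values for illustration, not real Chrome release data.
PATCHED = (90, 0, 1000, 20)     # first build that contains the fix
RELEASED = date(2021, 1, 1)     # day that build became available

def ua(build, suffix=""):
    return ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 "
            f"(KHTML, like Gecko) Chrome/{build} Safari/537.36{suffix}")

# Constructed proxy-log records: (day, host, User-Agent).
LOG = [
    (date(2021, 1, 1), "host-a", ua("90.0.1000.10")),
    (date(2021, 1, 3), "host-a", ua("90.0.1000.20")),
    (date(2021, 1, 2), "host-b", ua("90.0.1000.10")),
    (date(2021, 1, 10), "host-b", ua("90.0.1000.20")),
    (date(2021, 1, 2), "host-c", ua("89.0.900.50")),
    (date(2021, 1, 12), "host-c", ua("89.0.900.50")),
    (date(2021, 1, 5), "host-d", ua("90.0.1000.10")),
    (date(2021, 1, 15), "host-d", ua("90.0.1000.35")),
    (date(2021, 1, 4), "host-e", ua("90.0.1000.10", " Edg/90.0.500.10")),
]

def chrome_version(agent):
    """Return the Chrome build as a tuple of ints, or None if not Chrome."""
    if " Edg/" in agent:        # Chromium-based Edge is updated separately
        return None
    m = re.search(r"Chrome/(\d+)\.(\d+)\.(\d+)\.(\d+)", agent)
    return tuple(map(int, m.groups())) if m else None

def patch_lag(log):
    """Days from RELEASED until each host is first seen on a patched build."""
    lag = {}
    for day, host, agent in sorted(log):
        ver = chrome_version(agent)
        if ver is not None and lag.setdefault(host) is None and ver >= PATCHED:
            lag[host] = (day - RELEASED).days
    return lag                  # None means never seen patched

def vulnerable_share(log, as_of):
    """Fraction of Chrome hosts whose latest build seen by as_of is unpatched."""
    latest = {}
    for day, host, agent in sorted(log):
        ver = chrome_version(agent)
        if ver is not None and day <= as_of:
            latest[host] = ver
    return sum(v < PATCHED for v in latest.values()) / len(latest) if latest else 0.0
```

Hosts that map to `None` in `patch_lag` are the ones to chase first, since they never appeared on a patched build during the log window.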
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.