The biggest underestimated security threat of today? Advanced persistent teenagers


If you ask some of the top cybersecurity leaders in the field what’s on their worry list, you might not expect bored teenagers to be top of mind. But in recent years, this entirely new generation of money-driven cybercriminals has caused some of the biggest hacks in history and shows no sign of slowing down.

Meet the “advanced persistent teenagers,” as dubbed by the security community. These are skilled, financially motivated hackers, like Lapsus$ and Scattered Spider, which have proven capable of digitally breaking into hotel chains, casinos, and technology giants. By using tactics that rely on credible email lures and convincing phone calls posing as a company’s help desk, these hackers can trick unsuspecting employees into giving up their corporate passwords or network access. 

These attacks are highly effective, have caused huge data breaches affecting millions of people, and resulted in huge ransoms paid to make the hackers go away. By demonstrating hacking capabilities once limited to only a few nation states, the threat from bored teenagers has prompted many companies to reckon with the realization that they don’t know if the employees on their networks are really who they say they are, and not actually a stealthy hacker.

From the points of view of two leading security veterans, have we underestimated the threat from bored teenagers?

“Maybe not for much longer,” said Darren Gruber, technical advisor in the Office of Security and Trust at database giant MongoDB, during an onstage panel at TechCrunch Disrupt on Tuesday. “They don’t feel as threatened, they may not be in U.S. jurisdictions, and they tend to be very technical and learn these things in different venues,” said Gruber. 

Plus, a key automatic advantage is that these threat groups also have a lot of time on their hands. 

“It’s a different motivation than the traditional adversaries that enterprises see,” Gruber told the audience.

Gruber has firsthand experience dealing with some of these threats. MongoDB had an intrusion at the end of 2023 that led to the theft of some metadata, like customer contact information, but no evidence of access to customer systems or databases. The breach was limited, by all accounts, and Gruber said the attack matched tactics used by Scattered Spider. The attackers used a phishing lure to gain access to MongoDB’s internal network as if they were an employee, he said.

Having that attribution can help network defenders defend against future attacks, said Gruber. “It helps to know who you’re dealing with,” he said.

Heather Gantt-Evans, the chief information security officer at fintech card issuing giant Marqeta, who spoke alongside Gruber at TechCrunch Disrupt, told the audience that the motivations of these emerging threat groups of teenagers and young adults are “incredibly unpredictable,” but that their tactics and techniques weren’t particularly advanced, like sending phishing emails and tricking employees at phone companies into transferring someone’s phone number. 

“The trend that we’re seeing is really around insider threat,” said Gantt-Evans. “It’s much easier to manipulate your way in through a person than through hacking in with elaborate malware and exploitation of vulnerabilities, and they’re going to keep doing that.”

“Some of the biggest threats that we’re looking at right now relate to identity, and there’s a lot of questions about social engineering,” said Gruber. 

The attack surface isn’t just limited to email or text phishing, he said, but any system that interacts with your employees or your customers. That’s why identity and access management are top of mind for companies like MongoDB to ensure that only employees are accessing the network.

Gantt-Evans said that these are all “human element” attacks, and that combined with the hackers’ often unpredictable motivations, “we have a lot to learn from,” including the neurodivergent ways that some of these younger hackers think and operate.

“They don’t care that you’re not good at a mixer,” said Gantt-Evans. “We in cybersecurity need to do a better job at embracing neurodiverse talent, as well.”



Lisa Holden