Streamline your cloud experience and maximise your cloud investment with Microsoft Azure-aligned public cloud services.
Host all of your workloads in the most appropriate location while experiencing the simplicity of one cloud from Six Degrees.
Enhance your cyber security and safeguard your organisation with our cyber security strategy and advisory, consultancy, and managed services.
Connect your business through a comprehensive connectivity portfolio delivered via our owned and operated core Next Generation Network (NGN).
Access the smarter, faster technology needed to make the most of your hybrid working future.
Streamline your hosting with comprehensive colocation services delivered from three UK data centres.
Gain clarity and control of your 5G estate, ensuring ongoing cost efficiencies are managed on your behalf through our managed service.
Gain confidence in your cloud direction and achieve accelerated time to value through our assured and optimised cloud services.
Master today’s complex threat landscape and protect your business with our intelligence-led security services.
Videos and webinars are a great way to digest the latest technology insights.
Our eBooks and whitepapers provide in-depth insights from our experts.
Our thought leaders publish regular blogs on up-to-the-minute topics.
Learn all about the latest news from Six Degrees as we continue to evolve.
We host regular in-person and virtual events for our clients.
Learn how we enable our clients to achieve more; providing superior secure solutions, powered by our passionate people.
We are proud to partner with many of the world’s leading vendors, enabling you to leverage our continual investment in difference-making technology.
Learn how CNS at Six Degrees delivers intelligence-led security services that protect organisations in today’s hostile landscape.
We are committed to operating in an environmentally and socially conscious way. Learn more about our commitments as a business.
We are proud of our secure cloud credentials. Learn why we’re one of the most highly accredited providers in the UK.
We are a friendly and passionate bunch here. Whether you want to work with us or for us, we think you’ll enjoy the Six Degrees experience.
Home » Blogs » Cyber Security Landscape Insights for Winter 2021/22
As we move towards Christmas and the New Year, it becomes that time when we begin to have a better view of how various trends and products identified in earlier quarters have had an effect on the cyber security landscape we find ourselves in now. Let’s take a look at some of the key trends we’ve experienced at Six Degrees.
The increased adoption of remote working has been one of the biggest changes we’ve experienced over previous years, and that acceleration has only continued over the last few quarters. With this sudden change has come a shift in the way people work and the systems they connect to daily.
This has resulted in a wide array of both success and failure stories. The burden on IT teams has been immense, and for those ill-prepared it’s meant new environments having to be stood up quickly to handle remote working. It’s also led to a sudden increase in the numbers of mobile devices and laptops connecting to networks. In some cases where supply has failed to meet demand, personal devices have filled the void. This has created a dramatic expansion of attack surface.
All of this has provided attackers with a great deal more in the way of opportunity. Add to that one of the most successful years for ransomware on record, and we soon find ourselves in a world where ransomware is still paying – increasingly well at that! Worst of all, success breeds success in these arenas. There will be more to come.
While on the topic of ransomware, changes in deployment have also been interesting to watch over the last year or so. Each incident response our team at Six Degrees has carried out for ransomware victims this year has seen an increasing level of manual attack before deployment, with a focus shift towards identifying targets of interest, rather than the somewhat automated spray and pray approach of yesteryear.
With this level of investigation prior to deployment has also come a step up in techniques for privilege escalation. One of the issues with automated deployment is that attackers can never be sure of the environment their malware is being dropped into; malware authors need to consider operating system, account level, how they are going to escalate, if there is antivirus or Managed Detection and Response to evade first, and an almost endless list of other variables.
Attackers in general (cyber or not) will often take the easiest route to achieving their goal. If manual compromise followed by manual deployment of a less advanced ransomware against a more specific set of targets overcomes having to create complex and intelligent malware that can account for any number of outcomes on its own, and also increases the success rate of deployment tenfold, that is the route they will take.
Several hard-hitting vulnerabilities in Exchange Server have plagued Microsoft over the last year, and these have resulted in a large number of incident response calls to our CSIR department during Q2 and Q3 2021. Given the widespread use of Exchange Server, these vulnerabilities continue to be a widely researched, problematic topic that has seen a lot of organisations switching to a fully cloud-based environment. A number of ransomware groups, such as those behind the well-known Conti malware, have also started to use these vulnerabilities as a method of gaining an initial foothold on the network. This is a clear sign that these groups stay up-to-date, and also have the skills for manual exploitation and deployment.
We’re seeing an arms race between attackers and defenders. Without all organisations taking preventative measures to protect themselves, the attackers will win. The sheer volume of cyber-attacks being launched means that siloed security solutions are unable to keep up.
Making cyber smart decisions that align to your wider organisational strategy is an essential element of maintaining operational integrity and ensuring success in this hostile digital landscape. Partnering with an experienced, credible cyber security provider will allow you to establish your organisation’s risk appetite and enhance your cyber security posture. Click here to arrange a call with one of our experts today.
How and Why You Should Adopt a Cost-Benefit…
Planning for the Future of Cyber Security Today…
Complete your details to download our 10 steps…
More information on our Privacy and Cookies Policy can be found here: https://www.6dg.co.uk/privacy-cookies/. You can update how we contact you in the future by visiting our Communications Preference Centre here: https://www.6dg.co.uk/preference-centre/.
