{"id":33479,"date":"2022-10-31T13:51:00","date_gmt":"2022-10-31T12:51:00","guid":{"rendered":"https:\/\/www.cbleon-abogados.com\/discover-how-cyber-attacks-are-carried-out-in-companies\/"},"modified":"2022-10-31T13:51:00","modified_gmt":"2022-10-31T12:51:00","slug":"discover-how-cyber-attacks-are-carried-out-in-companies","status":"publish","type":"post","link":"https:\/\/cbleon-abogados.com\/en\/discover-how-cyber-attacks-are-carried-out-in-companies\/","title":{"rendered":"Discover how cyber-attacks are carried out in companies"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-white ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Tabla de Contenidos<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/cbleon-abogados.com\/en\/discover-how-cyber-attacks-are-carried-out-in-companies\/#Cyber-attacks_on_companies\" >Cyber-attacks on companies<\/a><ul class='ez-toc-list-level-3' ><li class='ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/cbleon-abogados.com\/en\/discover-how-cyber-attacks-are-carried-out-in-companies\/#Cyber-attacks_on_companies_through_ISO_files\" >Cyber-attacks on companies through ISO files<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/cbleon-abogados.com\/en\/discover-how-cyber-attacks-are-carried-out-in-companies\/#LNK_files_Another_method_of_cyber-attack_on_companies\" >LNK files: Another method of cyber-attack on companies<\/a><\/li><\/ul><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/cbleon-abogados.com\/en\/discover-how-cyber-attacks-are-carried-out-in-companies\/#Attack_through_the_supply_chain\" >Attack through the supply chain<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Cyber-attacks_on_companies\"><\/span><strong>Cyber-attacks on companies<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>In this post we show you some of the methods of cyber-attacks in companies, which are being executed by organized groups to enter the systems of companies to steal information, among other things, and then ask for ransom.<\/p>\n<p><strong>Some of these methods have been detected by the Threat Hunting team at BlackArrow, a Tarlogic Security offensive and defensive services organization.<\/strong><\/p>\n<p>This division is a benchmark in cybersecurity in Europe. They are based in Santiago de Compostela and Madrid and have recruited a hundred experts in these matters.<\/p>\n<p>A few weeks ago, a team of hunters from this division presented a report recapping the main intrusion vectors that have been detected in companies during 2022.<\/p>\n<p>Basically, they conducted research focused on hunting for potential cyber-attack threats in companies.<\/p>\n<p>BlackArrow experts detected three intrusion paths, used by cybercriminals, to enter organizations&#8217; systems and execute cyberattacks.<br \/>\nThese techniques, in the open, have become a trend in 2022. They enter systems through ISO, LNK files and also attack the supply chain. Here&#8217;s how.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Cyber-attacks_on_companies_through_ISO_files\"><\/span><strong>Cyber-attacks on companies through ISO files<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-33473 size-full\" src=\"https:\/\/www.cbleon-abogados.com\/wp-content\/uploads\/2022\/11\/Hacker-utilizando-el-virus-informatico-para-el-ataque-cibernetico.jpg\" alt=\"Hacker using computer virus for cyber attack\" width=\"1280\" height=\"853\" srcset=\"https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/11\/Hacker-utilizando-el-virus-informatico-para-el-ataque-cibernetico.jpg 1280w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/11\/Hacker-utilizando-el-virus-informatico-para-el-ataque-cibernetico-300x200.jpg 300w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/11\/Hacker-utilizando-el-virus-informatico-para-el-ataque-cibernetico-1024x682.jpg 1024w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/11\/Hacker-utilizando-el-virus-informatico-para-el-ataque-cibernetico-768x512.jpg 768w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/11\/Hacker-utilizando-el-virus-informatico-para-el-ataque-cibernetico-370x247.jpg 370w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/11\/Hacker-utilizando-el-virus-informatico-para-el-ataque-cibernetico-760x506.jpg 760w\" sizes=\"auto, (max-width: 1280px) 100vw, 1280px\" \/><\/p>\n<p>This is one of the methods observed during the research. Cybercriminals send ISO files via Google Drive.<br \/>\nThese on the surface are legitimate, but in reality they are the beginning of a cyber-attack on a company.<\/p>\n<p>It is particularly aimed at achieving control of the systems, which is critical, especially if the system has vulnerable defensive layers.<br \/>\nThe cyber-attack on a company by this method is executed as follows:<\/p>\n<p><strong>Any employee receives the ISO file, in their email, shared from Google Drive. When the document is automatically executed it mounts and initiates a whole series of methods aimed at executing malicious code.<\/strong><br \/>\nThese can be passed to other computers in the company via that employee&#8217;s computer. If successful, the cyberattack on that company could leave critical damage.<\/p>\n<h4><span class=\"ez-toc-section\" id=\"LNK_files_Another_method_of_cyber-attack_on_companies\"><\/span><strong>LNK files: Another method of cyber-attack on companies<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h4>\n<p>These are shortcuts that Windows uses as a reference to an original executable file.<br \/>\nWith this method, as with the previous one, cybercriminals use LNK files that are legitimate in appearance, but execute malicious code. The objective is to advance the intrusion sequence.<\/p>\n<p>In this case, the codes are executed as follows:<br \/>\n<strong>An employee can receive the LNK file in his or her mailbox. It can be via e-mail or from a storage device or pen drive. When the employee opens the link, the malicious activity created by the cyber attacker is executed.<\/strong><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Attack_through_the_supply_chain\"><\/span><strong>Attack through the supply chain<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>This method of cyberattacking a particular company has gained popularity in 2022. This is an intrusion vector known as a supply chain attack.<\/p>\n<p>It means that, the objectives of the attack include supplier engagement and the pre-engagement path to customer engagement.<br \/>\n<strong>In this case, the objective of the attackers is to attack the large structure, weakening the smaller link. Suppliers are often more vulnerable to cyber-attacks, so attackers see a clear path to the systems of larger companies.<\/strong><br \/>\nAll this research has prompted the experts at BlackArrow to share some critical security tips to prevent cyberattacks in today&#8217;s businesses.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-33469 size-full\" src=\"https:\/\/www.cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados.jpg\" alt=\"Fully Armed Cybersecurity Special Forces Soldiers\" width=\"1280\" height=\"720\" srcset=\"https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados.jpg 1280w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados-300x169.jpg 300w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados-1024x576.jpg 1024w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados-768x432.jpg 768w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados-370x208.jpg 370w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados-1170x658.jpg 1170w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados-760x428.jpg 760w, https:\/\/cbleon-abogados.com\/wp-content\/uploads\/2022\/10\/Soldados-de-las-Fuerzas-Especiales-de-Ciberseguridad-totalmente-armados-270x152.jpg 270w\" sizes=\"auto, (max-width: 1280px) 100vw, 1280px\" \/><br \/>\nIt is not enough to deal with vulnerabilities, you must also deal with potential threats.<\/p>\n<p>It is recommended that organizations invest in Threat Hunting services to protect their systems from attackers.<br \/>\nIn addition, they recommend strengthening cybersecurity, placing greater emphasis on how attackers act.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cyber-attacks on companies In this post we show you some of the methods of cyber-attacks in companies, which are being executed by organized groups to enter the systems of companies to steal information, among other things, and then ask for ransom. Some of these methods have been detected by the Threat Hunting team at BlackArrow, a Tarlogic Security offensive and&hellip;<\/p>\n","protected":false},"author":5,"featured_media":33468,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_joinchat":[],"footnotes":""},"categories":[170],"tags":[],"class_list":["post-33479","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-en"],"acf":[],"_links":{"self":[{"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/posts\/33479","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/comments?post=33479"}],"version-history":[{"count":0,"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/posts\/33479\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/media\/33468"}],"wp:attachment":[{"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/media?parent=33479"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/categories?post=33479"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cbleon-abogados.com\/en\/wp-json\/wp\/v2\/tags?post=33479"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}