What It Takes to Defend a Cybersecurity Company from Today's Adversaries
a year ago
- #threat-intelligence
- #ransomware
- #cybersecurity
- SentinelOne has faced attacks from financially motivated crimeware to advanced nation-state actors.
- Adversaries include DPRK IT workers posing as job applicants, ransomware operators, and Chinese state-sponsored actors.
- Security vendors are prime targets due to their access and responsibility in protecting multiple environments.
- DPRK IT workers have submitted over 1,000 job applications using fake personas to infiltrate SentinelOne.
- Ransomware groups target security platforms to disable protections and test malware efficacy.
- An underground economy exists for buying and selling access to enterprise security tools.
- Nitrogen ransomware group impersonates legitimate businesses to acquire security product licenses.
- Chinese state-sponsored group PurpleHaze conducted reconnaissance against SentinelOne and high-value organizations.
- Supply chain threats are significant, with attackers targeting third-party service providers.
- Cyber threat intelligence is critical for defending against insider threats and supply chain risks.