In short

• Hackers are targeting IT help desks to trick people into providing access to organisations’ systems and data.
• Cybercriminals are using a range of adaptive and sophisticated techniques to exploit opportunities, meaning that vigilance and educating staff are critical to preventing breaches.
• Out-of-hours help desk requests, logins from strange locations or a barrage of multifactor authentication attempts are all indicators a cyber attack might be underway.

Just like businesses, cybercriminals are also on their own digital transformation journey: they are constantly looking for new and innovative ways to infiltrate organisations.

At the top of the list of potential threats are breaches resulting from social engineering, a tactic where hackers trick employees, suppliers or contractors into revealing confidential information, clicking on malicious links or providing entry to IT systems.

A particularly menacing group that is successfully using social engineering tactics is Muddled Libra, also known as Star Fraud, UNC3944, Scatter Swine or Scattered Spider.

Over the past two years, these hackers have largely infiltrated organisations via IT help desks and are now believed to be also targeting cloud service providers and software as a service (SaaS) applications to steal data.

The group has already been linked to several high-profile cyber-attacks. One example is the September 2023 attack on MGM Resorts, where Muddled Libra used multifactor authentication fatigue attacks (numerous authentication requests) to gain access to the network.

Premium

You need to login to access this

Login

What are CIP Points? About ANZIIF Membership