IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Malware attacks using machine identities doubled in 2019

Venafi claims machine identity capabilities have been commoditized and added to off-the-shelf malware

Commodity malware campaigns using machine identities are increasing at a rapid pace, according to a Venafi report, which reveals that this type of attack doubled between 2018 and 2019.

According to the Venafi threat intelligence team, malware attacks using machine identities, including high-profile campaigns like TrickBot, Skidmap, Kerberods and CryptoSink, grew eightfold over the last 10 years. In the second half of the last decade, these attacks increased even quicker.

Venafi threat intelligence researcher Yana Blachma states that while machine identity capabilities were once used primarily by high-profile threat actors and nation-state actors, they have since been commoditized and added to off-the-shelf malware.

As a result, Blachman says, these campaigns have become more sophisticated and harder to detect.

“For example, massive botnet campaigns abuse machine identities to get an initial foothold into a network and then move laterally to infect further targets," Blachman explained.

"In many recorded cases, bots download crypto-mining malware that hijacks a target’s resources and shuts down services. When successful, these seemingly simple and nonadvanced attacks can inflict serious damage on an organization and its reputation". 

An uptick in microservices, DevOps projects, cloud workloads and IoT devices on enterprise networks also complicates the misuse of machine identities. Though there are more than 31 billion IoT devices worldwide, the number of connected mobile devices will reach 12.3 billion by 2022. Venafi predicts 500 million new logical apps will be created between 2018 and 2023 too.

To communicate with one another securely, each application and device must have a machine identity to authenticate itself. Machines don’t rely on usernames or passwords to establish trust, privacy or security. Instead, cryptographic keys and digital certificates serve as machine identities. Unfortunately, organizations without such measures in place are already experiencing malware attacks designed to exploit machine identities.

According to Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, human-centric security models are no longer effective in protecting against these threats.

“To protect our global economy, we need to provide machine identity management at machine speed and cloud scale. Every organization needs to ensure they have full visibility and comprehensive intelligence over every authorized machine they are using in order to defend themselves against the rising tide of attacks,” says Bocek.

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

Protecting healthcare from cybercrime
Whitepaper

Protecting healthcare from cybercrime

25 May 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022
The truth about cyber security training
Whitepaper

The truth about cyber security training

25 Apr 2022
The Total Economic Impact™ of Mimecast
Whitepaper

The Total Economic Impact™ of Mimecast

25 Apr 2022

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Macmillan Publishers hit by apparent cyber attack as systems are forced offline
Security

Macmillan Publishers hit by apparent cyber attack as systems are forced offline

30 Jun 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022