A new study suggests that organizations should shift their cybersecurity focus to defending non-Windows infrastructure, such as Linux, while deemphasizing attribution of Advanced Persistent Threats (APTs) to any particular nation-state.
The cyber threats report, released by Booz Allen Hamilton, predicts that in 2020 most APTs will continue to rely on “userland malware and userspace tactics, techniques, and procedures to conduct operations.” That’s because “Microsoft has hardened the kernel to attacks,” the report said.
“Companies should stop worrying about attribution” of attacks, the report said. “Most major companies always want to know ‘who did this,’ but the focus really should shift to an actor-agnostic approach.”
Elsewhere, the report says that cyber adversaries may begin to face the risk of being targeted by more conventional military responses. This isn’t a new phenomenon for the United States, the report says, but other nations may come to consider it more. The report does note that “although it is possible states may target each other’s infrastructure directly, it is more likely that states will avoid direct and escalatory confrontation absent the existence of ongoing conflict.”