Log in
Show password
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 


SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Cyber security threats: the hits keep coming

10/13/2021 | 03:52pm EDT

It's October and that means it's Cyber Security Awareness Month once again. Cyber security threats continue to evolve and proliferate at increasing speed. Opportunistic attackers are taking advantage of everything from remote working and cloud configuration errors to poorly defended operational technology protecting vital infrastructures. And they're becoming more professional with models like ransomware-as-a-service.

DXC Technology has identified 10 threat types that are presenting major challenges to organizations worldwide. We've also outlined our top strategies for defending against these threats.

Top 10 cyber security threats

Businesses are facing threats from every direction, including:

  1. Supply chain threats. Supply chain attacks, such as the one experienced by Solar Winds, are particularly problematic because even if your own security is robust, they can infiltrate your environment through vulnerabilities in your suppliers' security.
  2. Attacks on Linux and other non-Microsoft operating systems. Attackers are increasingly expanding beyond the Microsoft operating system. For example, Vermilion Strike rewrote the Cobalt Strike Windows red team tool to attack Linux systems.
  3. Persistence of major ransomware players. Major ransomware gangs such as the REvil ransomware-as-a-service operation do not generally disappear, but rather hibernate to avoid increased scrutiny or adopt new names. The ransomware-as-a-service model has enabled these groups to greatly expand their affiliate hackers and revenues.
  4. Remote work force vulnerabilities. In a recent survey, 67 percent of respondents said attacks had targeted remote workers and 74 percent said an attack had resulted from vulnerabilities related to COVID-19. It appears companies have not sufficiently adapted their security strategies in response to the new remote workforce reality.
  5. Cloud attacks due to misconfiguration. According to IBM, two-thirds of recent cloud breaches "would likely have been prevented by more robust hardening of systems, such as properly implementing security policies and patching systems." Issues with credentials and policies "trickled down to the most frequently observed initial infection vectors (including) improperly configured assets, password spraying, and pivoting from on-premises infrastructure."
  6. Zero-day threats. New security vulnerabilities not matching any known malware signature have reached new highs this year, with at least 66 zero-day viruses and other malware found in use already.
  7. Threats to operational technology (OT) systems. Attacks on OT devices - such as the Colonial Pipeline compromise - skyrocketed 46 percent this year. Utilities and manufacturing sectors are particularly at risk. Cyber security measures for OT are still weak or nonexistent in many cases.
  8. Brand abuse attacks. In almost half of these fraud attacks, cybercriminals impersonated credible brands to harvest consumer login credentials or personal data. These attackers spoofed digital content and experiences by creating fake social media profiles, rogue mobile apps or hoax websites.
  9. Ransomware recovery key destruction. Some ransomware gangs such as Grief and Ragnar Locker have threatened to delete victims' decryption keys if an organization involves authorities or a negotiation firm, rendering data unrecoverable.
  10. Zero-click mobile threats. These insidious attacks, which enable malware to install itself on a victim's device without the person clicking on a link, are on the rise for Android and Apple devices.

The best defense: good cyber hygiene

In DXC's experience, the best defense against sophisticated emerging threats is to get the basics right. Simple mistakes such as misconfigured cloud settings, weak passwords, and unpatched or outdated software can lead to major operational disruption and data leaks.

Follow these fundamental security hygiene practices to ensure you're well-fortified against both known and emerging cyber security threats:

  • Get configurations right. Review your configuration management database (CMDB) and plan a decision process that defines security tiers from most to least secure.
  • Monitor the security controls that you set up. If an alert is triggered but no one quickly notices it, the hackers will have time to gain a foothold in your environment.
  • Improve identity management. Problems often result from having too many highly privileged accounts, especially if some are disabled or unused, or from a lack of multifactor authentication.
  • Know your crown jewels. Determine which assets are essential for the organization's survival and which are less critical, then assign security controls accordingly.
  • Increase visibility into third-party suppliers. Identify, document and define the risks associated with all your third-party suppliers and service providers.
  • Keep up with patching and updating. Establish good coordination between the IT department and the security organization so you can verify that software and operating systems patching directives are carried out across the entire organization by operational IT teams.
  • Keep and secure reliable backups. Perform regular, complete backups for all essential systems and isolate them to protect from attacks. Know how to rebuild quickly from the backup and perform disaster recovery exercises regularly.
  • Build security into all new applications and solutions. Security should not be a second thought; it's more effective and ultimately simpler to build it in from the start, using native capabilities of your cloud platforms and operating systems when possible. Validate security once new systems go live with penetration testing and vulnerability scanning.


DXC Technology Co. published this content on 11 October 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 13 October 2021 19:51:06 UTC.

ę Publicnow 2021
10/13DXC TECHNOLOGY : to Report Second Quarter 2022 Results on Wednesday, November 3
10/13CYBER SECURITY THREATS : the hits keep coming
10/12DXC TECHNOLOGY : Want the full benefits of cloud? Rethink the journey.
10/06DXC TECHNOLOGY : Data-driven development for autonomous driving with DXC Robotic Drive Clo..
09/29DXC TECHNOLOGY : supports digital literacy with Iberia Codes contest
09/29DXC TECHNOLOGY : Cement-Building Materials Business of SCG Selects DXC Technology for Move..
09/24DXC TECHNOLOGY : Completes Refinancing Actions
09/24DXC Technology Company Completes Refinancing Actions
09/23JOHN CHEN : Stock Futures -3-
09/22DXC TECHNOLOGY : Qualtrics, DXC Technology Announce Collaboration on Modern Workplace Solu..
More news
Analyst Recommendations on DXC TECHNOLOGY COMPANY
More recommendations
Financials (USD)
Sales 2022 16 743 M - -
Net income 2022 430 M - -
Net Debt 2022 2 010 M - -
P/E ratio 2022 20,1x
Yield 2022 -
Capitalization 8 796 M 8 796 M -
EV / Sales 2022 0,65x
EV / Sales 2023 0,60x
Nbr of Employees 134 000
Free-Float 97,2%
Duration : Period :
DXC Technology Company Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends DXC TECHNOLOGY COMPANY
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus OUTPERFORM
Number of Analysts 11
Last Close Price 34,92 $
Average target price 45,27 $
Spread / Average Target 29,6%
EPS Revisions
Managers and Directors
Michael J. Salvino President, Chief Executive Officer & Director
Kenneth P. Sharp Chief Financial Officer & Executive Vice President
Ian C. Read Chairman
Ken Corless Executive VP-Technology, Offerings & Partners
Chris Drumgoole Chief Operating Officer & Executive Vice President
Sector and Competitors
1st jan.Capi. (M$)
ACCENTURE PLC30.86%215 907
SNOWFLAKE INC.18.54%100 371