Attacks on commonly used technology hardware and software are frequent, and the trend is on the rise. Attackers target widely used products because of their popularity; their widespread use increases the potential for a successful attack.
A 2022 report by Symantec found that 89% of targeted attacks made use of common IT tools. Here are some examples:
- Operating systems (e.g., Windows, macOS, Linux) (This covers most personal computers, tablets and phones).
- Web browsers (e.g., Chrome, Firefox, Edge)
- Productivity software (e.g., Microsoft Office, Google Workspace)
- Cloud computing platforms (e.g., AWS, Azure, GCP)
- Remote management tools (e.g., RDP, SSH)
The motivations behind these attacks vary, but they include financial gain, data theft, disruption of services, or political motives. Attackers may exploit vulnerabilities in the hardware or software, or they may use social engineering techniques to trick users into revealing sensitive information. Some of the exploitation methods include:
- Vulnerability exploitation: Attackers look for known technology vulnerabilities and exploit them.
- Phishing: Attackers send phishing emails or text messages trying to trick users into revealing confidential information or clicking on malicious links. These messages usually imply urgency or offer some material gain. They are designed to solicit a fast response from the user before they become suspicious.
- Supply chain attacks: Attackers target software vendors or other third-party organizations to gain access to their customers’ systems and data.
The Clerk’s Office works diligently to keep our computer systems up-to-date and to educate our employees in the best and most secure procedures. We are proactive in our approach to identifying potential risks and mitigating opportunities for malicious attackers. Through this approach, we increase resiliency and safeguard our digital assets. The Clerk has an IT staff to do this, and you don’t, but there are nonetheless things you can do to reduce your personal technology risk:
- Stay informed about the latest security trends and attack methods.
- Keep your hardware and software up-to-date and apply new security patches promptly.
- Take advantage of reputable sources of information about cybersecurity online, for example: