cyber attacks that you hear about them in news these days are not advanced at all, this is security community acting so naive and blind, knowingly and unknowingly which then implies into thinking that attacks are sophisticated.
in mature industries like agriculture, professionals study their enemies and for centuries they have been able to defeat adversaries. pests for example, are literally controlled by agriculture industry, but why one of the most advanced industry aka computer industry is not capable of handing adversaries, the cyber attackers?
well, it is simply because market is selling something irrelevant to industry and we blindly accept it. this is like going to local farm store and buy a can of pest control and spray it over your field and expecting your crop being immune to Sunn pest. compare local farm store and surface web cyber security market, and that can of pesticide as EDR or whatever, and Sunn pest as any type attacker you want. basically attackers do not need to even plan for a advanced attack as long as we are going to buy anything market forces, instead of right solution advised by cybersecurity scientists.
the solutions to have a safe cyberspace are not those at the top list of Gartner magic quadrant latest report, solutions are not a rebranding approach just to sell something…they are simply result of research of cyber security professionals.
let me give you a piece of advise that you probably have heard before, you want to secure your cyber assets? study about basics of access control and the most elementary ways of restricting access to files and databases…you want to security your network, back to the basics of segmentation, which by the way, you can still implement it by the oldest firewall collecting dust in your server room shelf…back to the basics!