NEVERHACK Estonia
17 Apr 2025
Inside the World of Adaptive Threats
As cyber threats grow more sophisticated, the race between defenders and attackers has never been more intense. In the latest episode of CyberCast, host Ronnie Jaanhold sits down with Peter Helms, Senior Solutions Engineer at Trellix, to explore how advanced persistent threats (APTs) are evolving—and how organizations can stay one step ahead.
This episode is more than just a discussion; it’s a front-row seat to the tactics, techniques, and motivations of today’s cybercriminals. Peter, a seasoned expert with deep roots in ethical hacking and cybersecurity consulting, shares firsthand stories of simulated attacks, massive incident response operations, and real-world security failures that could have been prevented.
One of the most striking takeaways is how today’s attackers operate like well-run businesses. Gone are the days of amateur hackers spreading viruses for fun. Now, organized cybercrime groups—like the Phobos ransomware gang—sell their tools as “hacking-as-a-service,” complete with subscriptions and user support. Peter walks us through Trellix’s involvement in global takedown operations, highlighting the massive scale of these threats and the international cooperation required to disrupt them.
Peter also delves into the stealthy nature of modern attacks. Many APTs no longer rely on flashy exploits or brute-force methods. Instead, they use “living off the land” techniques, leveraging legitimate tools already present in an organization’s environment. This allows them to blend in and remain undetected for long periods. Add in the human element—such as password reuse and phishing—and you have a perfect storm for breaches.
But what really sets this episode apart is the emphasis on why detection still fails. With security teams bombarded by alerts daily, many “low and medium” threats are dismissed. Helms makes a compelling case that some of the biggest breaches could have been prevented if early warning signs hadn’t been ignored. He shares examples of massive compromises that started with overlooked alerts—stressing that smarter threat analysis is no longer optional.
So, how do we fight back?
Helms advocates for adaptive defense strategies—tailoring protections based on business risk—and 360-degree visibility across cloud, endpoints, networks, and OT environments. He also emphasizes the power of AI-driven threat detection. AI can help connect the dots between seemingly insignificant alerts, surface hidden threats, and reduce the burden on human analysts.
As the episode wraps up, Peter leaves listeners with one strong recommendation: embrace AI as a core part of your cybersecurity defense. Not because it’s trendy, but because it works. It can help surface critical signals that would otherwise get buried under alert fatigue and human error.
If your organization is serious about improving its cybersecurity posture in 2025 and beyond, this is a must-listen conversation. With humor, expertise, and practical advice, Peter Helms offers a clear-eyed look at where cyber threats are headed—and what you can do to stay ahead.
🎧 Tune in to the full episode now and get a deeper look into the cyber battlefield.