GDPR Will Fuel Criminal Extortion

The number of exploit kit attacks is, slowly but surely, going down, and malware peddlers are turning towards more reliable tactics such as spam, phishing, and targeting specific, individual vulnerabilities.

The bad news is that everything else is on the rise: BEC scams, ransomware, stealthy crypto-mining, the number of enterprise records compromised in data breaches.

Last Year’s Threat Landscape

Trend Micro has released its annual security roundup of 2017 and it shows several interesting trends that will likely continue into 2018:

BEC scams (Business Compromising Emails) more than doubled in the second half of 2017 over the first half, and BEC incidents cost companies billions of dollars. This particular scam is very effective, relatively simple to pull off and can net criminals substantial sums, so it’s no wonder that it’s so popular.

Also, even though these scams have received much attention from the press, there’s seemingly a never-ending pool of potential victims who still don’t know about them, and readily fall for it. No company or industry is safe: the scammers go after tech companies, real estate firms and home buyers, art galleries and dealers, transportation companies, and so on.

The meteoric ascent of stealthy crypto-mining. Criminals going after cryptocurrency can choose between a variety of tactics: they can create apps carrying mining malware, compromise websites and make them quietly serve mining scripts, trick ad networks into delivering miners, deliver malware that steals crypto-currency wallets, and so on. 

Also, they can compromise crypto-currency exchanges and IPO offerings, or trick users into handing them their funds through simple scams.

Another interesting discovery is that compromised IoT devices are used less to fuel DDoS attacks, and more to for crypto-currency mining, despite the fact that processing power of small IoT devices is limited. Still, the criminals count on “strength in numbers.”

Ransomware still going strong. 2017 witnessed the emergence of over 300 new ransomware families. Their names are many and varied: some are as plain and direct as “Blackmail,” “Locked,” or “Payment”; some evoke more popular threats (“WannaSmile,” “LockCrypt,” “Spectre,” “CoNFicker”); and other seem randomly chosen words and variations (“Bubble,” “Zero,” “Oops”)

You probably haven’t heard about most of them, as the number of their infections is dwarfed by the real, widespread threats: WannaCry, Cerber, and Locky.

“Overall, the total WannaCry detections towered over both Cerber and Locky, two of the biggest ransomware players in terms of longevity, and even the rest of the ransomware families combined,” the researchers shared.

Other ransomware attacks of note in 2017 were Bad Rabbit and the attack that resulted in a South Korean web hosting provider paying $1 million to the attacker, who leveraged a Linux variant of the Erebus ransomware.

2018 Threat Landscape

Cyber criminals have made a definite move towards extorting organisations and are refining and targeting their attacks for greater financial return.

“The 2017 roundup report reveals a threat landscape as volatile as anything we’ve seen, with cybercriminals increasingly finding they’re able to gain more, whether it’s money or data or reputation damage, by strategically targeting companies’ most valuable assets,” says Jon Clay, director of global threat communications for Trend Micro.

The company’s researchers believe that, with the advent of GDPR, it’s likely that some criminals will try to extort money from enterprises by first determining the GDPR penalty that could result from an attack, and then demanding a ransom of slightly less than that fine, which CEOs might opt to pay.

Another definitive trend is the extremely obvious attackers’ preference for spam email as the main ransomware propagation mechanism.

Between that and BEC scams, the need for effective spam blocking solutions and security awareness training on phishing and social engineering tactics seems quite obvious.

HelpNetSecurity

You Might Also Read: 

Delve Into GDPR - Questions & Answers:

Cyber Threats Will Grow With GDPR:

 

 

« North Korea's Cyber Army Has A New Battalion
The Web Is Dying. Make Way For The Trinet »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Octopus Cybercrime Community

Octopus Cybercrime Community

The Octopus Community is a platform for information sharing and cooperation on cybercrime and electronic evidence.

IntaForensics

IntaForensics

IntaForensics offer a full range of digital investigation services and are able to adapt to the individual needs of solicitors, private clients, Law Enforcement Agencies and commercial businesses.

SySS

SySS

SySS is a market leader in penetration testing in Germany and Europe.

UPX Technologies

UPX Technologies

UPX Technologies is one of the largest digital security centers in Brazil providing full protection for data, networks and content.

Approachable Certification

Approachable Certification

Approachable Certification is a UKAS accredited certification body offering down-to-earth and competitively priced audits against ISO Management Systems standards.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Injazat

Injazat

Injazat Data Systems is an industry recognized market leader in the Gulf region for Information Technology, Data Center and Managed Services.

Accops Systems

Accops Systems

Accops enables secure and instant remote access to business applications from any device and network, ensuring compliant enterprise mobility.

Synoptek

Synoptek

Synoptek is a global systems integrator and managed IT services provider (MSP). We offer comprehensive IT management and consultancy services to organizations worldwide.

Sterling Information Technologies

Sterling Information Technologies

Sterling is an information security, operational risk consulting and advisory group. Our Advisory services help to safeguard information assets while supporting business operations.

OxCyber

OxCyber

OxCyber's mission is to ignite and encourage cybersecurity and technology growth in the Thames Valley through meetings, webinars, in person events, workshops and mentorship programs.

Staley Technologies

Staley Technologies

Staley Technologies is a US nationwide structured cabling, technology integrator, and Managed IT & Cyber Security provider.

Smartcomply

Smartcomply

Smartcomply is an automated and AI-powered cybersecurity and compliance platform that aids businesses in reducing the time and money spent on cybersecurity and compliance.

Lupasafe

Lupasafe

Lupasafe is an all-in-one cybersecurity platform for MSPs and SMEs. See all your cyber risks: From training to phishing, darkweb scans, continuous tech monitoring, AI insights, reporting & compliance.

RIIG Technology

RIIG Technology

Our mission is to empower organizations with high-quality, verifiable data and advanced intelligence solutions, ensuring robust security and effective risk management.