GDPR Will Fuel Criminal Extortion

Uploaded on 2018-03-01 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Law

The number of exploit kit attacks is, slowly but surely, going down, and malware peddlers are turning towards more reliable tactics such as spam, phishing, and targeting specific, individual vulnerabilities.

The bad news is that everything else is on the rise: BEC scams, ransomware, stealthy crypto-mining, the number of enterprise records compromised in data breaches.

Last Year’s Threat Landscape

Trend Micro has released its annual security roundup of 2017 and it shows several interesting trends that will likely continue into 2018:

BEC scams (Business Compromising Emails) more than doubled in the second half of 2017 over the first half, and BEC incidents cost companies billions of dollars. This particular scam is very effective, relatively simple to pull off and can net criminals substantial sums, so it’s no wonder that it’s so popular.

Also, even though these scams have received much attention from the press, there’s seemingly a never-ending pool of potential victims who still don’t know about them, and readily fall for it. No company or industry is safe: the scammers go after tech companies, real estate firms and home buyers, art galleries and dealers, transportation companies, and so on.

The meteoric ascent of stealthy crypto-mining. Criminals going after cryptocurrency can choose between a variety of tactics: they can create apps carrying mining malware, compromise websites and make them quietly serve mining scripts, trick ad networks into delivering miners, deliver malware that steals crypto-currency wallets, and so on. 

Also, they can compromise crypto-currency exchanges and IPO offerings, or trick users into handing them their funds through simple scams.

Another interesting discovery is that compromised IoT devices are used less to fuel DDoS attacks, and more to for crypto-currency mining, despite the fact that processing power of small IoT devices is limited. Still, the criminals count on “strength in numbers.”

Ransomware still going strong. 2017 witnessed the emergence of over 300 new ransomware families. Their names are many and varied: some are as plain and direct as “Blackmail,” “Locked,” or “Payment”; some evoke more popular threats (“WannaSmile,” “LockCrypt,” “Spectre,” “CoNFicker”); and other seem randomly chosen words and variations (“Bubble,” “Zero,” “Oops”)

You probably haven’t heard about most of them, as the number of their infections is dwarfed by the real, widespread threats: WannaCry, Cerber, and Locky.

“Overall, the total WannaCry detections towered over both Cerber and Locky, two of the biggest ransomware players in terms of longevity, and even the rest of the ransomware families combined,” the researchers shared.

Other ransomware attacks of note in 2017 were Bad Rabbit and the attack that resulted in a South Korean web hosting provider paying $1 million to the attacker, who leveraged a Linux variant of the Erebus ransomware.

2018 Threat Landscape

Cyber criminals have made a definite move towards extorting organisations and are refining and targeting their attacks for greater financial return.

“The 2017 roundup report reveals a threat landscape as volatile as anything we’ve seen, with cybercriminals increasingly finding they’re able to gain more, whether it’s money or data or reputation damage, by strategically targeting companies’ most valuable assets,” says Jon Clay, director of global threat communications for Trend Micro.

The company’s researchers believe that, with the advent of GDPR, it’s likely that some criminals will try to extort money from enterprises by first determining the GDPR penalty that could result from an attack, and then demanding a ransom of slightly less than that fine, which CEOs might opt to pay.

Another definitive trend is the extremely obvious attackers’ preference for spam email as the main ransomware propagation mechanism.

Between that and BEC scams, the need for effective spam blocking solutions and security awareness training on phishing and social engineering tactics seems quite obvious.

HelpNetSecurity

You Might Also Read: 

Delve Into GDPR - Questions & Answers:

Cyber Threats Will Grow With GDPR:

 

 

« North Korea's Cyber Army Has A New Battalion
The Web Is Dying. Make Way For The Trinet »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DataLocker

DataLocker

DataLocker offers both hardware based external storage and software based cloud storage encryption solutions.

Openminded (OPMD)

Openminded (OPMD)

Openminded is a French security and network services company.

KZ-CERT

KZ-CERT

KZ-CERT is the national Computer Emergency Response Team for Kazakhstan.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

Untangle

Untangle

Untangle provides network security products designed specifically for the below-enterprise market, safeguarding businesses, home offices, nonprofits, schools and governmental organizations.

TechArch

TechArch

TechArch helps customers to optimize their investments in cybersecurity by providing them independent and vendor-neutral consultation and guidance.

NetSecurity

NetSecurity

NetSecurity is a Brazilian company specializing in Information Security. We provide Managed Security Services (MSS), network security solutions and other specialist services.

Open Systems

Open Systems

Open Systems is a Secure Access Service Edge (SASE) pioneer delivering a complete solution to network and security.

Prevasio

Prevasio

Prevasio is a next-gen Cloud Security Posture Management (CSPM) with a built-in Vulnerability and Anti-Malware Scan for Containers.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

Secure Diversity

Secure Diversity

Secure Diversity is an innovative non-profit organization with leaders that think out of the box to create strategies & solutions to increase diversity in the cybersecurity industry.

Zilla Security

Zilla Security

Zilla combines identity governance with cloud security to deliver comprehensive access visibility, reviews, lifecycle management, and policy-based security remediation.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

Beyon Cyber

Beyon Cyber

Beyon Cyber offer a complete portfolio of advanced solutions & services for cyber security in Bahrain.

Zeron

Zeron

Zeron build bridges between security teams and top management. Our platform unifies your cyber risk posture seamlessly, encompassing threat insights and quantifiable risk scenarios.

Mindflow

Mindflow

Mindflow is dedicated to bringing answers to the challenges the cybersecurity field and beyond face today.