GDPR Will Fuel Criminal Extortion

The number of exploit kit attacks is, slowly but surely, going down, and malware peddlers are turning towards more reliable tactics such as spam, phishing, and targeting specific, individual vulnerabilities.

The bad news is that everything else is on the rise: BEC scams, ransomware, stealthy crypto-mining, the number of enterprise records compromised in data breaches.

Last Year’s Threat Landscape

Trend Micro has released its annual security roundup of 2017 and it shows several interesting trends that will likely continue into 2018:

BEC scams (Business Compromising Emails) more than doubled in the second half of 2017 over the first half, and BEC incidents cost companies billions of dollars. This particular scam is very effective, relatively simple to pull off and can net criminals substantial sums, so it’s no wonder that it’s so popular.

Also, even though these scams have received much attention from the press, there’s seemingly a never-ending pool of potential victims who still don’t know about them, and readily fall for it. No company or industry is safe: the scammers go after tech companies, real estate firms and home buyers, art galleries and dealers, transportation companies, and so on.

The meteoric ascent of stealthy crypto-mining. Criminals going after cryptocurrency can choose between a variety of tactics: they can create apps carrying mining malware, compromise websites and make them quietly serve mining scripts, trick ad networks into delivering miners, deliver malware that steals crypto-currency wallets, and so on. 

Also, they can compromise crypto-currency exchanges and IPO offerings, or trick users into handing them their funds through simple scams.

Another interesting discovery is that compromised IoT devices are used less to fuel DDoS attacks, and more to for crypto-currency mining, despite the fact that processing power of small IoT devices is limited. Still, the criminals count on “strength in numbers.”

Ransomware still going strong. 2017 witnessed the emergence of over 300 new ransomware families. Their names are many and varied: some are as plain and direct as “Blackmail,” “Locked,” or “Payment”; some evoke more popular threats (“WannaSmile,” “LockCrypt,” “Spectre,” “CoNFicker”); and other seem randomly chosen words and variations (“Bubble,” “Zero,” “Oops”)

You probably haven’t heard about most of them, as the number of their infections is dwarfed by the real, widespread threats: WannaCry, Cerber, and Locky.

“Overall, the total WannaCry detections towered over both Cerber and Locky, two of the biggest ransomware players in terms of longevity, and even the rest of the ransomware families combined,” the researchers shared.

Other ransomware attacks of note in 2017 were Bad Rabbit and the attack that resulted in a South Korean web hosting provider paying $1 million to the attacker, who leveraged a Linux variant of the Erebus ransomware.

2018 Threat Landscape

Cyber criminals have made a definite move towards extorting organisations and are refining and targeting their attacks for greater financial return.

“The 2017 roundup report reveals a threat landscape as volatile as anything we’ve seen, with cybercriminals increasingly finding they’re able to gain more, whether it’s money or data or reputation damage, by strategically targeting companies’ most valuable assets,” says Jon Clay, director of global threat communications for Trend Micro.

The company’s researchers believe that, with the advent of GDPR, it’s likely that some criminals will try to extort money from enterprises by first determining the GDPR penalty that could result from an attack, and then demanding a ransom of slightly less than that fine, which CEOs might opt to pay.

Another definitive trend is the extremely obvious attackers’ preference for spam email as the main ransomware propagation mechanism.

Between that and BEC scams, the need for effective spam blocking solutions and security awareness training on phishing and social engineering tactics seems quite obvious.

HelpNetSecurity

You Might Also Read: 

Delve Into GDPR - Questions & Answers:

Cyber Threats Will Grow With GDPR:

 

 

« North Korea's Cyber Army Has A New Battalion
The Web Is Dying. Make Way For The Trinet »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Nutanix

Nutanix

The Nutanix enterprise cloud platform provides performance, robust security, and seamless application mobility for a broad range of enterprise applications.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Six Degrees

Six Degrees

Six Degrees is a leading secure, integrated cloud services provider. We protect UK organisations and help them thrive in the cloud by giving them secure platforms to innovate and grow.

Metro Systems

Metro Systems

Metro Systems offer fully integrated IT solutions & services covering Digital Transformation, Digital Infrastructure, Cyber Security and Training.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

Secure Code Warrior

Secure Code Warrior

Secure your code from the start with gamified, scalable online secure coding training for software developers.

World Congress on Industrial Control Systems Security (WCICSS)

World Congress on Industrial Control Systems Security (WCICSS)

The World Congress on Industrial Control Systems Security (WCICSS) is focused on emerging trends in protection of industrial control systems.

Business Resilience International Management (BRIM)

Business Resilience International Management (BRIM)

Business Resilience International Management (BRIM) is engaged by law enforcement in the UK and overseas to advise on establishing and developing Cyber Resilience Centres (CRCs) for business.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

ShardSecure

ShardSecure

ShardSecure Microshard technology eliminates data sensitivity, providing security, privacy and compliance beyond encryption.

Wisetek

Wisetek

Wisetek is a global provider of end-to-end IT Asset Disposition (ITAD), reuse and secure data destruction management services to the world’s leading IT Corporations, data centres and manufacturers.

Tetra Defense

Tetra Defense

Tetra Defense is a leading incident response, cyber risk management and digital forensics firm.

Tsaaro Academy

Tsaaro Academy

Tsaaro Academy is a unique privacy certification training platform and here you earn a privacy certification CEH, CISM and DPO from India’s No.1 Privacy training platform.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Northern Computer

Northern Computer

Northern Computer provides comprehensive IT solutions that streamline your operations and help you achieve your business goals.

InnovateHer

InnovateHer

At InnovateHer, our vision is to make the tech sector more equitable, by increasing diversity across the spectrum and creating more inclusive workplaces.