Learn how you can identify evolving cybercrime tactics.
Cybercrime is always evolving.
Today, the threat environment in cybersecurity evolves nearly as quickly as technology itself.
Who is behind these continual computer intrusions? Unfortunately, there are multiple sources; they can range from computer gurus looking for bragging rights, unethical businesses seeking to gain a competitive edge, criminal rings intent on profiting from sensitive, personal information, all the way to espionage rings and terrorists looking to rob our nation of critical information.
Whether we refer to them as cybercriminals or mere hackers, they are highly-skilled computer experts with the dogged determination of gaining unauthorized access to your data. Cyber threats may originate from a variety of sources and for many reasons:
- “Hacktivists” use the same tools and techniques as a hacker, but do so in order to draw attention to political or social causes. A typical tactic can be the complete disruption of service on government, religious and corporate websites. “Anonymous” is one of the best known hacktivist groups.
- Cybercriminals are those who act independently or within organized crime rings to steal financial data, personal credentials and credit card information, then either sell the information on what is known as the dark web (or black market) or directly access monetary accounts.
- Nation-states or foreign entities seek to spy, gain proprietary or classified information, or launch cyberstrikes in order to cause damage to individuals, companies or governments.
- Malicious insiders are colleagues you may know who are looking for ways to harm their own employer, steal information or make money. A recent SailPoint Market PulseSurvey found that one in five employees would sell their passwords and business-related credentials to someone outside of the organization, many for as little as $100.
- Bringing cybercriminals to justice can be daunting. The nature of the digital space allows for anonymity that can be challenging for law enforcement; it is difficult to find and arrest an individual identified only by a username. And, even if one is locked up, there is always another cybercriminal ready to step in and build on the foundation already laid.
Cybercrime practitioners are crafty at adapting new technologies and tactics. Phishing, for example, has been around for decades, but cybercriminals now use more targeted approaches, taking advantage of the wealth of information readily available on the web. Without careful inspection, it is difficult for the average person to distinguish a real email from a phishing attempt.
Examples of emerging cybersecurity trends.
Spearphishing & Whaling
Spearphishing attacks are conducted by emails and appear to be from a known individual or familiar business— and often include details pertinent to the recipient. Whaling attacks are similar to spearphishing except the targets are typically high-level executives, celebrities and politicians.
Gaining the information to conduct targeted phishing attacks is not difficult. A basic web search can now glean vast amounts of information about a company, including email addresses, job descriptions, office locations and current projects.
Social media sites, such as LinkedIn™ and Twitter™, hold even more specific information that can be used to spoof email addresses, create fake, intentionally malicious websites and send attachments that mimic the same files one would receive over the course of a normal work day.
Phishing attacks have different goals. Some want users to visit a site and provide information such as passwords and login credentials. Other attacks introduce malware into the network.
Ransomware
Ransomware is a form of malware that, when activated, encrypts or locks all of the files on a computer or network. To regain access to the files, the cybercriminal demands a ransom, typically paid with electronic currency such as bitcoin.
Ransomware is pretty straight-forward: pay the ransom and get the files back. However, cybercriminals see a huge market in this malware and are changing their tactics. In some cases, the cybercriminals are returning only a portion of the files and then demanding a second ransom be paid in order to release the remaining files.
It appears the next generation of ransomware is even more Machiavellian as it enables the software to be installed, the data encrypted even when the computers are offline and then the software targets data stored in the cloud.
Mobile Malware
Mobile devices are ubiquitous both at the workplace and in personal use, and cybercriminals have taken note. Malware designed for Android™ and Apple™ devices is embedded into popular apps or can masquerade as “legitimate” third-party downloads. For example, GM Bot is a new malware attacking Android devices.
Today, the threat environment in cybersecurity evolves nearly as quickly as technology itself. Creating proactive security systems that will protect against the most popular attacks of today and anticipate those of tomorrow is no small task and can only be achieved through constant vigilance, information gathering, and education.
Begin today, and you may thwart the cyberattack of tomorrow. Malware tricks users into entering their login credentials in fake screens, where the credentials are harvested. It can also intercept SMS codes and call backs from targeted financial institutions.
Social Networks
Cybercriminals love social networking sites. There, among the “Shares” and ”Likes,” exists an abundance of unique personal information ripe for exploitation as well as multiple “attack vectors,” the alternative paths the hacker can use to gain access to a victim’s computer or network.
Using the algorithms in popular sites like Facebook™, they’ll plant malicious videos, hoping the user will be interested enough to click on them or use baiting techniques – posts that encourage users to share so they can get a free smartphone, free gift card or a portion of someone’s lottery winnings. They’ll also play off trending topics to promote article links and websites loaded with malware.
These techniques, like phishing, are known as “social engineering” in the context of information security and rely on human curiosity, fear or trickery to elicit a response.
Thwart the next cyberattack
Today, the threat environment in cybersecurity evolves nearly as quickly as technology itself. Creating proactive security systems that will protect against ever-evolving attacks is no small task and can only be achieved through constant vigilance, information gathering and education. Be ever mindful, and you may thwart the next cyberattack.
To learn more, contact your local M&T Bank Relationship Manager or M&T Bank’s Commercial Service Team.
Cybersecurity and You
Protecting your information is one of our top priorities, which is why we at M&T Bank and Wilmington Trust (part of the M&T family), maintain an Enterprise Information Security Program.
But there are some things you can do to identify and manage cyber risks at home, in the office or on the go.
All trademarks, servicemarks and trade names referenced in the above are the property of their respective owners.
This content is for informational purposes only. It is not designed or intended to provide financial, tax, legal, investment, accounting, or other professional advice since such advice always requires consideration of individual circumstances. Please consult with the professionals of your choice to discuss your situation.