Four cyber attacks we should all prepare for
By Florian Malecki, International Product Marketing Director, StorageCraft
Wednesday, 14 November, 2018
Understanding the new technologies being used by cybercriminals is the first step to preventing a devastating cyber attack.
As cybercriminals are becoming ever smarter, the coming months promise to bring some of the most advanced attacks the world has seen. Since global cybercrime is estimated to cost around $8.4 trillion per year (according to McAfee), clearly digital crime is just as lucrative for criminals as it is damaging to businesses.
We must prepare for the worst. And the first step in doing so is to understand the new technologies being employed by criminals to steal data and money while destroying reputations along the way. Here are the four biggest threats to watch out for.
AI and machine learning-based attacks
Cybercriminals are beginning to harness artificial intelligence (AI) and machine learning tools in a number of clever ways. Machine-learning models can craft convincing fake messages, so the technology presents a convenient option for criminals executing phishing attacks. AI can also be used to create malware capable of fooling sandboxes to access companies’ systems.
According to McAfee’s annual threat prediction report, sophisticated attacks using AI and machine learning are likely to be among the biggest threats we face. Although these attacks are becoming more advanced, typically they still rely on classic phishing tactics. We can prevent them by educating users about how to spot and avoid various online scams.
Ransomware
Threats such as WannaCry and dozens of others are permanent reminders of the damage ransomware causes, and the problem continues to grow. Trend Micro ranked ransomware as its number one cyber threat for 2018, calling it the “land of milk and honey for cybercriminals”.
Fortunately, the cybersecurity world is beginning to catch up. Users are more scrupulous, fewer off-the-shelf ransomware attacks are appearing and law enforcement agencies are working to crack down on this type of cyber fraud.
But despite these efforts, the growth of ransomware is a clear indicator that we should stay vigilant. The best way to avoid falling prey to ransomware — apart from deploying next-generation firewalls, sandboxing, email security and antivirus solutions — is to make sure we have rock-solid backups, storage and recovery point objectives that are within an organisation’s data loss tolerances.
Email compromise scams
Cybercriminals are stealing billions of dollars simply by sending ever-more-innovative spoofed emails that look quite convincing to the untrained eye. The FBI reported that business email compromise scams increased 2370% between January 2015 and December 2016 and it has been predicted that email scams will lead to close to US$9 billion (AU$12.6 billion) in global losses this year.
One important thing to remember is that organisations must use protocols for various types of transactions, producing a system of checks and balances within the organisation that can stop fraudulent transactions from going through. When it comes to phishing attacks through email, users should know how to spot them, so that they never open them by mistake.
Connected device attacks
The last couple of years have seen many distributed denial-of-service (DDoS) attacks that leveraged hundreds of thousands of hijacked Internet of Things (IoT) devices. These attacks are likely to increase because they often allow hackers to create proxies and hide location data and web traffic, making it difficult for law enforcement to figure out where the attacks are coming from. Trend Micro notes that many IoT devices take longer to patch, so vulnerabilities can remain for longer periods of time.
Other vulnerable devices include aerial drones, wireless home devices and even bio-implants such as pacemakers. Many devices lack built-in security, so users must take responsibility for their own security by ensuring that passwords are secure, and device firmware is always up to date.
How to stay protected
As cyber attacks become increasingly frequent and sophisticated, especially ransomware, organisations of all sizes need to deploy a multilayer security approach, including:
- Educate staff — they are the frontline defence in most cases, so make sure they know what’s required (or not required) of them.
- Limit and manage admin rights — not all employees need the same level of access, so make sure that you are giving admin rights only to those who truly need them (particularly with the most sensitive data).
- Patch all endpoint device operating systems, software and firmware as vulnerabilities are discovered.
- Deploy antivirus endpoint protection with updated signatures, endpoint sandboxing and next-gen antivirus.
- Ensure that network sandboxing, next-generation firewalls and email security solutions are in place to block phishing attacks.
- Check your organisation’s backup and recovery process with well-defined frequency — you may find you’re not backing up critical data that has arrived only recently.
- Finally, make sure your organisation is equipped with next-generation scale-out storage. As data volumes grow, you will need a solution that can grow and protect that data with continuous snapshots that are immutable to ransomware.
It’s obvious that investing in technologies and strategies that prevent the latest attacks is the only wise move. When it comes to protecting data and preventing cyber attacks, the tools and strategies described above will easily pay for themselves if they prevent even a single attack.