GDPR Will Fuel Criminal Extortion

The number of exploit kit attacks is, slowly but surely, going down, and malware peddlers are turning towards more reliable tactics such as spam, phishing, and targeting specific, individual vulnerabilities.

The bad news is that everything else is on the rise: BEC scams, ransomware, stealthy crypto-mining, the number of enterprise records compromised in data breaches.

Last Year’s Threat Landscape

Trend Micro has released its annual security roundup of 2017 and it shows several interesting trends that will likely continue into 2018:

BEC (Business Email Compromise) scams more than doubled in the second half of 2017 over the first half, and BEC incidents cost companies billions of dollars. This particular scam is very effective, relatively simple to pull off and can net criminals substantial sums, so it’s no wonder that it’s so popular.

Also, even though these scams have received much attention from the press, there’s seemingly a never-ending pool of potential victims who still don’t know about them, and readily fall for them. No company or industry is safe: the scammers go after tech companies, real estate firms and home buyers, art galleries and dealers, transportation companies, and so on.

The meteoric ascent of stealthy crypto-mining. Criminals going after cryptocurrency can choose between a variety of tactics: they can create apps carrying mining malware, compromise websites and make them quietly serve mining scripts, trick ad networks into delivering miners, deliver malware that steals crypto-currency wallets, and so on. 

Also, they can compromise crypto-currency exchanges and IPO offerings, or trick users into handing them their funds through simple scams.

Another interesting discovery is that compromised IoT devices are used less to fuel DDoS attacks, and more for crypto-currency mining, despite the fact that the processing power of small IoT devices is limited. Still, the criminals count on “strength in numbers.”

Ransomware still going strong. 2017 witnessed the emergence of over 300 new ransomware families. Their names are many and varied: some are as plain and direct as “Blackmail,” “Locked,” or “Payment”; some evoke more popular threats (“WannaSmile,” “LockCrypt,” “Spectre,” “CoNFicker”); and others seem to be randomly chosen words and variations (“Bubble,” “Zero,” “Oops”).

You probably haven’t heard about most of them, as the number of their infections is dwarfed by the real, widespread threats: WannaCry, Cerber, and Locky.

“Overall, the total WannaCry detections towered over both Cerber and Locky, two of the biggest ransomware players in terms of longevity, and even the rest of the ransomware families combined,” the researchers shared.

Other ransomware attacks of note in 2017 were Bad Rabbit and the attack that resulted in a South Korean web hosting provider paying $1 million to the attacker, who leveraged a Linux variant of the Erebus ransomware.

2018 Threat Landscape

Cyber criminals have made a definite move towards extorting organisations and are refining and targeting their attacks for greater financial return.

“The 2017 roundup report reveals a threat landscape as volatile as anything we’ve seen, with cybercriminals increasingly finding they’re able to gain more, whether it’s money or data or reputation damage, by strategically targeting companies’ most valuable assets,” says Jon Clay, director of global threat communications for Trend Micro.

The company’s researchers believe that, with the advent of GDPR, it’s likely that some criminals will try to extort money from enterprises by first determining the GDPR penalty that could result from an attack, and then demanding a ransom of slightly less than that fine, which CEOs might opt to pay.

Another definitive trend is attackers’ extremely obvious preference for spam email as the main ransomware propagation mechanism.

Between that and BEC scams, the need for effective spam blocking solutions and security awareness training on phishing and social engineering tactics seems quite obvious.

HelpNetSecurity
