WEF Report Confirms Cyber Attack Risk Is Growing Worldwide

Uploaded on 2019-11-11 in NEWS-Cybersecurity News, FREE TO VIEW, TECHNOLOGY--Hackers

Cybercattacks represent the greatest risk in six out of ten of the top economies in the world and not just in the United States but world-wide. Attacks are growing in every business sector and all organisations need to manage cyber risks and threats. 

A new report from the World Economic Forum discusses form-jacking, crypto-jacking, ransomware like LockerGoga and other cyber-attacks of which CEOs around the globe are starting to become more aware. 

These different types of attacks break out as malicious code designed to steal monetary or physical assets from consumers and businesses. They’re also becoming more serious as time passes by. They cost companies around 12% more in damages in 2018 than in 2017. This should force executives to pay more attention to technical experts on staff during board meetings.

According to this report, India is the only country listed in the top seven global economies that has dropped cyber-attacks off of their top five risks. What is particularly troubling is that the attack went unreported for months and that the tools and techniques used by the malicious actors consisted of reused tools from 2015 and 2017 attacks. A phishing attack laid the groundwork for bad actors to establish a foothold. These attackers then took control of internal systems and used open-source tools to build upon and sustain their access.

Form-Jacking
With the boom in online marketplaces, it’s no surprise the cyber-attacks have risen in prevalence. Symantec in 2018 identified form-jacking as the process of intercepting payment forms and collecting data on retail websites. The issue spiked between August 2018 and September 2018 when Symantec reported on around 248,000 form-jacking attempts. In an attempt to determine patterns in the attacks, Symantec pulled 1,000 instances over a course of three days and discovered 57 websites were attacked across those attempts. The attacked sites were located all over the world and ranged in size from small businesses to global retailers.

One of the bigger hacking groups that uses form-jacking to gain information is a group called Magecart. In 2018, the group launched a campaign against British Airways, Ticketmaster, Feedify and Newegg. 

Interestingly enough, the lure to these companies was again the presence of a lot of third-party service providers. The reason for this is shared network infrastructure points where a third-party vendor may offer a weaker defense than the intended organisation. Companies who use services provided by third-party vendors are often forced to allow some network sharing.


A major example of this was evident in the Target breach of 2013. Target relied on a third-party company to manage heating, ventialtion a nd air-conditioning (HVAC) services. The security or training advisement was weaker on behalf of the third party. However, there was a linked portal allowing that vendor to access Target’s internal system. It could be that this attack’s ideology stems from successes in previous major security breaches of the past. 

When security requirements are a shared responsibility, more points of vulnerability often present themselves.

Crypto Jacking Malware
Crypto jacking was another point of note from the article as a rising cyber threat in the business realm. This attack is unique in its purpose. Machines that are breached are not sought out for their stored data but for their computing resources to aid in the mining of crypto currency. 

The hack is performed in a traditional manner by running malicious code on the target device or using a web application infection to load mining software on the victim’s machine. This attack vector should be troubling to major businesses worldwide, as hackers have begun to view these attacks as having more reward than risk.

As an alternative to crypto jacking, hacker groups can simply demand payments in cryptocurrency using ransomware. Crypto-malware is not a guaranteed payoff, and companies are increasingly embracing the idea of backing up data regularly and ensuring backup sites are ready to go should a breach take place. 

LockerGoga Ransomware
For the many businesses in 2019, an important cyber boogeyman was a ransomware family identified as LockerGoga. This was especially true for industrial and manufacturing firms with large stakes on the table. This year, French, Norwegian and American companies faced down this ransomware strain. FireEye told Wired that it has dealt with five or more attacks within the industrial and manufacturing sector.

What is most alarming about LockerGoga is the fact that there is no definitive determination on how hackers are initially gaining access to victim’s machines. 

Attackers seem to have credentials that grant them network access and hey can gain these details through traditional efforts by implementing social engineering tactics, purchasing credentials from hacker markets and phishing. The reason for concern to the industrial sector is the physical risks associated with that sector. Limiting control of systems and subsystems in that industry could have a direct impact for workers’ lives and environmental variables. From the reports provided by different regions, it seems that money is not always the biggest motivator for cyber-attacks. At the national level in each of these economies, political motives may have been present, as well. 

As the world moves to a more globalised economy working with each other, politicians’ relationships play a large part. Corrupt state-sponsored hacking groups with the power to infiltrate adversary federal governments may use that power to launch influence elections or even the economy in some cases. 

This can be done by holding independent businesses hostage in extortion-based cyberattacks or through social media marketing campaigns.

US federal organisations have been investigating Russian actors for “meddling” in the 2016 United States presidential election and that fear alone has changed how organisations responsible for voter-processes are preparing the presidential elections coming in 2020. Looking abroad, Canada could very well see significant cyber influence from foreign parties in their 2019 federal election. 

The problem stretches to Europe, as well, with public interference occurring in Germany, Finland, Croatia and the Czech Republic.

Some key findings from the report are similar to the main points of 2018 study. For that publication, 141 economies had the chance to choose among 30 options as the most significant risks facing them. From these 30 risks, 48 countries listed cyberattacks within their top five risks. Globally, cyberattacks rose from the fifth highest risk in 2018 to the second highest risk in 2019, topping national governance failures, unemployment and energy price shock.

According to the report, the top seven economies are China, France, Germany, Japan, India, the United Kingdom and the United States, not in that order. Six of the seven nations reported cyberattacks as one of their top five risks. Many of the solutions to the problems outlined by the report come down to being informed.

It is estimated that somewhere around 90% of all cyber shortcomings stem from a lack of knowledge and human error. 

For that other 10%, they should consider deploying detection devices to monitor traffic for anomalies in behavior, firewalling and abiding by common cyber security practices. 

Even for the tools mentioned that operate in the background at the packet level, even the best malware cannot always obfuscate activity. Smart detection devices in place can alert security teams to network maliciousness and aid in prevention and/or recovery from big data breaches.

For free Cyber training advice and information please contact Cyber Security Intelligence

World Economic Forum:        Tripwire:   

You Might Also Read:

World Economic Forum Cyber Risks Report:

 

« Cyber Insurance Might Actually Encourage Attacks
Artificial Intelligence & The Ethics Of War »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IP Performance

IP Performance

IP Performance Limited is a leading supplier of customised network infrastructure and security solutions.

Professional Information Security Association (PISA)

Professional Information Security Association (PISA)

PISA is an independent and not-for-profit organization for information security professionals, with the primary objective of promoting information security awareness and best practice.

Vuntie

Vuntie

Vuntie blend European craftsmanship, performance and open-source technology to deliver cybersecurity services including penetration testing, incident response, training and consultancy.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

Cofrac

Cofrac

Cofrac is the national accreditation body for France. The directory of members provides details of organisations offering certification services for ISO 27001.

ICS Cyber Security Conference

ICS Cyber Security Conference

SecurityWeek’s Industrial Control Systems (ICS) Cyber Security Conference is the largest and longest-running event series focused on industrial cybersecurity.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

Knowledge Transfer Network (KTN)

Knowledge Transfer Network (KTN)

KTN links new ideas and opportunities with expertise, markets and finance through our network of businesses, universities, funders and investors.

Bugraptors

Bugraptors

BugRaptors is a certified software testing company with extensive experience as a third-party testing vendor, effectively proven as a leader in software testing & QA Services.

Ridge Canada Cyber Solutions

Ridge Canada Cyber Solutions

Ridge Canada helps insurance brokers and insurance buyers understand, evaluate, and secure cyber coverage that is tailored to their business.

Sekuro

Sekuro

Sekuro is your leading governance and cyber security partner. Building organisational resilience. Enabling fearless innovation.

Persistent Systems

Persistent Systems

Persistent Systems are a trusted Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to help our clients.

CI-ISAC Australia

CI-ISAC Australia

CI-ISAC has been designed to support and promote existing legislation and Government initiatives that are working to uplift cyber resilience across critical infrastructure sectors.

Oxygen Technologies

Oxygen Technologies

Oxygen Technologies is a business systems strategy and integration company offering a variety of solutions to give our clients ways to work smarter not harder.

NeuroID

NeuroID

NeuroID combines the power of industry-leading behavioral analytics with advanced device and network intelligence to create your first line of defense against malicious bots, bad actors, and fraud.