October 27, 2017
While most people are opening doors to cute ghouls in costume this season, for many business owners/security professionals, the ghost in the machine is an online attack, and that’s scary business. We take a look at the top 10 scariest cyberattacks that have kept many IT Pros up at night.
Ransomware Rising: Attack of the Zombies
While many versions of ransomware have been hard at it for years now, one particularly effective version gave us a brief respite earlier this year, only to rise from the dead in late August. The ransomware known as Locky has been wreaking havoc for years, but it went dark for a few months earlier in the year and returned in August with some variations in its techniques. The best defense is a layered approach that combines prevention with a solid backup strategy.
Like any good horror story, the scariest threats can come from careless, complacent or even well-intentioned employees who have intimate knowledge of the company’s network and accounts. In the case of a disgruntled former employee, access can be revoked immediately, but with the employee who accidentally falls for a social engineering scam, your network may never be the same.
Falling Victim to Data Breach
The identity snatchers are invading and taking over your existence. We seem to hear about devilish data breaches on a daily basis as of late. In fact, 2017 brought about what may be the most damaging data breach to date, with nearly half of the US population being affected by the Equifax breach. A veritable treasure trove of personal data was exposed to the attackers, including names, birth dates, social security numbers, addresses and in some cases driver’s licenses and credit card information as well. This gives whoever is in control of this data the ability to commit identity theft on a scale never before seen. This could amount to a financial version of Invasion of the Body Snatchers in short order.
This is what happens when advanced hacking tools or, in this case, zero-day exploits fall into the wrong hands. After a group called The Shadow Brokers began releasing stolen NSA hacking tools online, a network infection exploit dubbed EternalBlue was leveraged by a group in a large-scale cyberattack that spread ransomware around the globe and infected roughly 230,000 computers in over 150 countries. This caused major disruptions for all types of organizations across the globe, including the UK’s National Health Service.
A Future of Unknowns
IT security pros spend a lot of time researching the world of cybercrime so that they can stay out of harm’s way. Happily, White Hats are good at disseminating information to their peers when a breach occurs. But what about those unknown exploits or zero-days being leaked online with regularity? It’s enough to keep IT pros up at night.
Protecting a Network Without Sufficient Funds
Whether it’s locating qualified staff or convincing upper management that system updates are necessary expenditures, the lack of funds can seriously impede the health of an organization’s security posture.
Phishing and Business Email Compromise (BEC) Attacks
Today’s spooky and scary phishing attacks range from highly targeted spear phishing to the more traditional cast net style attack. In both cases, the cybercriminals have continued to hone their techniques to improve their success rate against their targets by adding greater detail and customization. One popular form of spear phishing that our team has been combatting with greater frequency this year is the targeted message that leads to wire transfer fraud. Often referred to as Business Email Compromise (BEC), these attacks have remained a popular attack vector throughout 2017. BECs have been estimated to have netted cybercriminals profits well into the billions of US dollars in the past few years.
State Sponsored Attacks
Not that long ago, a group identifying itself as the Izz ad-Din al-Qassam Cyber Fighters was waging an ongoing series of DDoS attacks against major U.S. banking institutions. The group’s attacks have caused major interruptions for targeted systems, and the group reportedly operates under the direction of the Iranian government. Other examples include the recent attack on energy giant Telvent, which fell victim to a sophisticated cyber intrusion and intellectual property theft that was directly related to advanced smart grid technologies.
Hacktivists commit crimes to expose their victims’ perceived wrongdoing. Hacktivism continues to thrive. In fact, hacktivists are increasingly posting their intended targets’ identities (often in advance) on open forums, while divulging the spoils of their crime after the fact. Large corporations and law enforcement agencies have been popular targets recently, with the intent to damage reputation or disrupt workflow. Unfortunately, countless security breaches have been committed, with stolen data of innocent people (e.g., customer account information, usernames and passwords) often made public to showcase hacktivism “success.”
The Advanced Persistent Threat
APTs are attacks targeting political, governmental or business entities. Unlike the vast majority of attacks, which are aimed at getting in and out as quickly as possible for immediate financial gain, APTs are generally surreptitious, with greater focus on maintaining their presence on a system. APTs often utilize the same infection vectors as other attacks, such as spear phishing emails, web-based drive-by infections, DNS-based attacks, infected USB sticks (or other hardware) and external hacking. Operators often combine an array of attack tools and methods to increase the effectiveness of the attack. They tend to take a detailed, patient approach in order to get from the entry point of the attack to the actual target. The goal can vary from exfiltrating data from the infected system to, as in a case like Stuxnet, attacking and destroying a very specific target. Another important factor to consider with APTs is that the target entity is not just being targeted by a piece of malware but may be targeted by a dedicated human being or a team of humans, making the likelihood of success infinitely greater. Perhaps the scariest part of these attacks is that you may never know you are a victim.
Read more tips about keeping your company secure at TechCo