+1 206 446 0600 umv@merysolsecurity.com

Threat Landscape now and in the near future – update

The threats posed by the cybercriminals are real. They go far beyond being just an inconvenience to us like, for example, deleting photos on our phones or computers, rather they can certainly create serious problems for individuals, businesses and governments alike.

In this section, we will explore the current cybersecurity threat landscape. We will describe the different types of threats and how they affect different segments of our society.

These threats can be grouped as follows:

Ransomware.  These are embodied by malicious software that, after landing in the victim’s IT environment, encrypt sensitive data making it illegible or inaccessible to the victim. The cybercriminals then request that the victims pay a ransom to de-encrypt the information.

Since data is increasingly important for business operations and decision-making, its loss, even temporary, can have a massive financial and reputational damage.

According to a report from Coalition for Cyber Insurance, ransomware was responsible for 41% of all cyberinsurance claims in H1 2020 for 25,000 small and midsize organizations across every sector in US and Canada.

Ransomware can affect everyone. Governments, Hospitals, Large Companies, Small business and even individuals. There are increasingly cases where hackers target individuals and demand payment to stop them from releasing embarrassing or compromising information to their email contacts.

In 2021 and beyond, data exfiltration is poised to become bigger that encryption. Strikes against Cloud services will only grow alongside the services popularity.

Social Engineering – Phishing. This is the fraudulent practice of tricking the person into revealing personal or company information such as passwords and credit card numbers. With that information, the hacker can install further malware in your system to steal even more details and perpetrate damage like ransomware.

There are different varieties of Phishing attacks. For example: Email phishing, Spear Fishing, Whaling, Smishing (SMS), Vishing (Voice), search engine phishing / SEO.  Other types of Social Engineering are Pretexting, Baiting, Tailgating and Quid pro quo.  All are after the same thing: get your data so they can breach your system(s).

In most cases, hackers compel individuals to visit certain websites that seem legitimate and once there they can persuade them to reveal their information. These sites can pose as any type of website. The prime candidates are banks, PayPal, social media, Virtual Conferencing (Zoom, Microsoft Teams, Cisco Webex), and shopping sites.

Remote Work Tools Attacks. The Covid-19 pandemic has led to companies allow their employees remote access to internal company servers. Tools that enable collaboration and remote access to these servers are ripe for attack from cybercriminals. Companies must vet and configure these tools.

Denial of Service.  This is an attack where a perpetrator seeks to make a machine or network resource unavailable to its intended users by disrupting its services. Typically, this is done by flooding it with superfluous requests to overwhelm it and prevent legitimate requests to be fulfilled. This is certainly a malicious attack. Revenge, blackmail or activism can motivate these attacks.

Supply Chain Attacks.  IT services are no longer optional, even for small companies. As a result, many small businesses rely on managed services providers (MSPs) for these needs. Unfortunately, many MSP are being attacked by hackers as they realize that they can compromise all the MSPs customers at once.  MSPs must be aware of software vulnerabilities in their systems and social engineering techniques to protect themselves and their clients.

Zero-Day Vulnerabilities. These are vulnerabilities unknown to the product developers and thus for which there is no mitigation known. Therefore, if hackers get to discover them, they could exploit it for their purposes until a fix is found.   These vulnerabilities can be very damaging because they allow the hackers to install malware in the victims’ IT installations.  Hackers can then unleash attacks later on, at their convenience, with impunity.  An example of this is the Hafnium attack on Microsoft Exchange Servers in early 2021. Thousands of installations were affected worldwide.

Identity Theft. Typically, it occurs when someone uses another person’s personal identifying information, like name, credit card number or social security number, without their permission to commit fraud or other crimes. This is a likely result from a Phishing attack.

You May Also Like …


Submit a Comment

Your email address will not be published. Required fields are marked *