Isaac Gounton • Sep 23, 2022

Key cyberthreats and trends in 2022 so far

1 - Ransomware continues to terrorize businesses and government organisations


There were 1300 victims of ransomware who had their data publicly leaked in 2020. In the first half of 2021, that figure was already at 1100. This already shows an increase of 70% year on year. Infamous ransomware groups like Cl0p and REvil are reportedly expanding their efforts. Targeted companies report that they were singled out so the attackers could search inboxes and folders for compromising information tucked away in documents and emails.

The trend towards using stolen credentials instead of attacking infrastructure continues. Attackers are also continuing to use tactics that were seen last year, including DDoS attacks and data exfiltration, and threatening to release sensitive stolen data to ensure ransom payments are made.

In 2020, ransomware pay-outs showed the highest growth rate of any cryptocurrency-related crime, with total damages estimated as high as $20 billion.

Cl0p and REvil have jointly been responsible for some big headline attacks. These included JBS, the world’s largest meat producer. JBS decided to pay $11 million in ransom; however, the company still took several days to recover. Apple blueprints were stolen from Taiwan-based Quanta Computer. Fujifilm, based in Japan, was forced to shut down some of its network due to a REvil ransomware attack after some of its systems were infected with the Qbot Trojan. Finally, UK clothing manufacturer French Connection was the victim of another REvil attack, where stolen data included the passports and identification cards of employees, including the CEO, Chief Operating Officer, and Chief Financial Officer.


2 - Phishing continues to be one of the key vectors of infection


The U.K.’s National Cyber Security Centre’s annual Active Cyber Defence Report shows that phishing scams continue to grow. The NCSC has taken down more than 1.4 million URLs associated with over 700,000 online scams.

Microsoft recently announced an ongoing spear-phishing campaign targeting the aerospace and travel sectors. The average loss from being successfully spear-phished is $1.6 million, with 30% of phishing emails being opened and 12% of these leading to users clicking on malicious links.

Phishing scams come in many forms. A recent campaign posing as an email from Walmart requested a reply with an updated address because a package could not be delivered. Those who reply end up verifying their address and opening themselves up to future attacks.


3 - Remote workers are under attack


4 - Attack monetisation and insider threats continue to rise


The commitment of cybercriminals to monetise every attack is clearly on the rise. Extortion based on stolen confidential data is working particularly well for the criminals. Forrester predicted last year that insider data breaches would rise 8% in 2021 and that a third of all incidents would be from internal causes. The latest research from the Verizon 2021 Data Breach Investigations Report confirms this prediction, suggesting that insiders are responsible for around 22% of security incidents.

In 2021, a software developer from an unnamed company in Cleveland, Ohio (USA) was arrested and faces charges of allegedly placing malicious code on his employer’s production servers, causing them to crash. When he was asked to return his company-issued laptop, it was found he had deleted encrypted volumes and Linux directories. He had also searched the internet for information on how to hide processes, escalate privileges and delete large folders and files.

5 - Cybercriminals are trying to automate their processes


Automation saves time and increases productivity. Cybercriminals know this and are doing their best to automate their processes wherever possible. Big data tools allow them to find new victims and generate fully personalised spam messages. Cloud services continue to be attacked via more traditional methods including phishing, unpatched vulnerabilities, and poorly configured remote access.
