Malware has evolved to be more stealth-like than ever and open to almost anyone to carry out an attack. This democratization of the cybercrime ecosystem paves the way for new, unskilled attackers to enter the malware distribution arena.
New breed of hackers: Hacking as we knew it has changed. While in the beginning it was the handiwork of overenthusiastic individuals honing their cyber-skills by finding loopholes in live systems, hackers today are financially motivated and run their operations under the aegis of organized criminal organizations, according to the 2019 Security Report by Checkpoint Software Technologies Ltd, released this month. The hacker arrested by the US department of justice in September 2018 for the WannaCry ransomware attack of 2017, for instance, was part of a criminal organization called the Lazarus Group with alleged links to the North Korean government.
Further, with more businesses moving their operations online, vast amounts of financial and critical business-related data is now stored in data centres. For cybercriminals, this is a huge opportunity as they can not only break into company systems and steal data but can take control and lock out the owners of their own systems. For instance, the Petya ransomware, which affected 2,000 enterprises in 65 countries, had locked users out of their own systems.
Hackers know what to target: According to Checkpoint, more than 10,000 different malicious files are detected per day while 700 malware families are being used on a daily basis. Initially, most of the ransomware attacks such as WannaCry and Petya didn’t have any specific target. Cybercriminals have changed tactics and are now striking at their most vulnerable point of the target.
Cloud is the weakest link: Cloud computing is an integral part of any enterprise’s operations. It allows stakeholders in the company to access their data from any location or device. To make this process less complicated, often the level of verification and security are not very stringent. This makes services running on the cloud more vulnerable to cyberattacks compared to on-premise services.
To break into cloud networks, hackers only need access to one of the employees’ email or computer account, which they acquire by sending a phoney mail (that might appear genuine) with a malicious link hoping the target will click on it. According to a 2018 report by Dome9., 18% of organizations were involved in cloud related security breaches in 2017.
Mobile and IoT are the Achilles heel: For ease of operations, most organizations have relaxed their bring your own device rules, allowing employees to routinely access work-related data through their personal smartphones. This proliferation of personal devices at workplaces has increased the risks for companies. According to Checkpoint, cybercriminals can spy on users and capture their login credentials while they log in to corporate systems containing sensitive data via their smartphones. Internet of Things (IoT) is another area that is growing very fast with little regard to security. Checkpoint rues that the problem with IoT device security is that the solutions are often poorly coded.
What lies ahead for organizations?: Experts at Checkpoint believe there will be more targeted attacks in the future as cybercriminals are eyeing higher returns. Cloud infrastructure will face more Cryptojacking attacks (unauthorized use of someone else’s computer to mine cryptocurrency) as hackers will require assets that offer greater CPU capacity for faster mining and the scalability of cloud services will allow them to do that. Also, many organizations are still not fully aware of its crippling effects, notes Checkpoint. Attacks on mobile devices are also expected to grow, but instead of multiple forms of attacks, cybercriminals may use an all-in-one mobile malware with multiple capabilities, it notes. Further, with artificial intelligence (AI) becoming an integral part of operations of many organizations, cybercriminals will try to manipulate AI systems. IoT devices, on their part, are predicted to remain the weakest link in security as they are harder to secure.
Moreover, following the roll-out of general data protection regulations in the European Union, more countries are going to come up with their own data protection laws. This means organizations won’t be able to brush away any data breaches involving user data and will have to make them public.