The most common of modern cyber attacks that your business could face in 2018 and ways to avoid them.

The 2017 news cycle was dominated by cyber threats, cyber crimes, breaches and more. At every turn of the page you were overwhelmed with headlines about breaches of major companies, viral ransomware and leaks of spy tools from U.S. intelligence agencies.

Unfortunately, 2018 seems likely to be another year of threats across the board. The mission for all involved in the security space is to constantly educate, share and empower one another to be prepared for what is ahead.

2018 brings a plethora of security issues – each more fascinating and challenging than the last:

Non-Malware Attacks

The future of client-side malware attacks is fileless. And it would appear the future has arrived, with a growing number of attacks using fileless or in-memory malware to pose a threat to businesses that is increasingly difficult to neutralize. Fileless malware infects targeted computers while leaving nothing behind on the local hard drive. This makes it incredibly easy to sidestep traditional signature-based security. During the past year, fileless attacks have been on the rise. According to the SANS 2017 Threat Landscape Survey, one-third of organizations surveyed reported facing fileless attacks in 2017.

In 2017 attackers managed to hit 140 enterprises, including banks, telecoms, and government organizations, with fileless malware. The organizations were primarily in the U.S., U.K., and Ecuador, but firms in Brazil, Tunisia, Turkey, France, and Spain were also compromised. Researchers described how the attackers used the malware to gain a firmer foothold in banks’ systems and cash out.

The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) says: “The NJCCIC assesses with high confidence that fileless and ‘non-malware’ intrusion tactics pose high risk to organizations, both public and private, and will be increasingly employed by capable threat actors intent on stealing data or establishing persistence on networks to support ongoing espionage objectives or to enable future acts of sabotage.”

What can you do now? Here is a good start:

  • Make a shift in end-user awareness
  • Disable the use of PowerShell on networks
  • Monitor outbound traffic more closely
  • Trace it back to the applications making those requests
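
The last two bullets can be put into practice as follows. This is an added example, not part of the original article: it joins outbound connections to the process that made them and flags script hosts talking to external addresses. The event fields follow the shape of Sysmon Event ID 1 and Event ID 3 records; the events themselves, the watchlist and the internal ranges are constructed assumptions.

```python
import ipaddress
import ntpath

# Assumed watchlist of script hosts often used for in-memory execution; tune per site.
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample events shaped like Sysmon Event ID 1 (process creation)
# and Event ID 3 (network connection). External IPs are documentation ranges.
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
PROCESS_EVENTS = [
    {"ProcessGuid": "{A1}", "Image": PS, "CommandLine": "powershell.exe -NoProfile -WindowStyle Hidden",
     "ParentImage": r"C:\Program Files\Microsoft Office\Office16\WINWORD.EXE"},
    {"ProcessGuid": "{B2}", "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "CommandLine": "firefox.exe", "ParentImage": r"C:\Windows\explorer.exe"},
    {"ProcessGuid": "{C3}", "Image": PS, "CommandLine": r"powershell.exe -File C:\Scripts\inventory.ps1",
     "ParentImage": r"C:\Windows\System32\svchost.exe"},
]
NETWORK_EVENTS = [
    {"ProcessGuid": "{A1}", "DestinationIp": "203.0.113.45", "DestinationPort": 443},
    {"ProcessGuid": "{B2}", "DestinationIp": "198.51.100.7", "DestinationPort": 443},
    {"ProcessGuid": "{C3}", "DestinationIp": "10.20.0.15", "DestinationPort": 5985},
    {"ProcessGuid": "{D4}", "DestinationIp": "192.0.2.99", "DestinationPort": 8080},
]

def is_internal(ip):
    return any(ipaddress.ip_address(ip) in net for net in INTERNAL_NETS)

def trace_outbound(process_events, network_events):
    """Join external connections to their originating process and flag the suspicious ones."""
    by_guid = {p["ProcessGuid"]: p for p in process_events}
    findings = []
    for conn in network_events:
        if is_internal(conn["DestinationIp"]):
            continue  # only traffic leaving the network is of interest here
        dest = f'{conn["DestinationIp"]}:{conn["DestinationPort"]}'
        proc = by_guid.get(conn["ProcessGuid"])
        if proc is None:
            # No process-creation record: the request cannot be traced to an application.
            findings.append({"reason": "untraced", "dest": dest, "image": None, "parent": None})
            continue
        image = ntpath.basename(proc["Image"]).lower()
        if image in SCRIPT_HOSTS:
            findings.append({"reason": "script-host", "dest": dest, "image": image,
                             "parent": ntpath.basename(proc["ParentImage"]).lower()})
    return findings

if __name__ == "__main__":
    print(*trace_outbound(PROCESS_EVENTS, NETWORK_EVENTS), sep="\n")
```

The parent image in each finding is what separates a scheduled admin script from a script host launched by a document reader or office application.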

Supply Chain Attacks

Supply chain attacks in 2017 were only the beginning of the growing trend. These attacks seek to damage an organization by targeting less-secure elements in the supply network. Much like social engineering, these supply chain attacks exploit a trust relationship between a software (or hardware) vendor and its customers.

CloudHopper, CCleaner, ShadowPad, Kingslayer, PyPi and M.E.Doc are examples, many of which targeted software aimed at IT administrators and software developers. Reports of these attacks are likely to increase in 2018 as new names enter the hacking world. Supply chain attacks are not new; however, their frequency is reason enough for concern.

What can you do now? Here is a good start:

  • Create a process of strict control of your institution’s supply network in order to prevent potential damage from cybercriminals
  • Ensure that all applications receive their updates over secure encrypted channels

Phishing Attacks

Phishing attacks, usually comprising a malicious email attachment or an email with an embedded malicious link, are the primary vector for malware attacks. Luckily, if you know what you’re looking for, they are easy to detect. However, phishing is far from over.

Some 2017 highlights – source: Info-Security Magazine

  • 1 in 25 for Qatar – A nation of just 2.3 million people saw its businesses and residents hit not just by one major attack, but more than 93,570 phishing events in a three-month span at the start of the year. Such attacks leveraged both email and SMS texts as attack vectors.
  • An Eastern-European cyber-criminal group sent “malware laden” emails to Chipotle staff that compromised Point of Sale systems at most Chipotle locations, obtaining customer credit card data from millions of people in the process.
  • After months of uncertainty, the U.S. Department of Justice (DOJ) announced the arrest of a Lithuanian man for allegedly stealing $100 million from two U.S.-based tech companies. The attacker’s targeted attack successfully used a phishing email to induce employees into wiring the money to overseas bank accounts under his control.

What can you do now? Here is a good start:

  • Training and awareness
  • Strict management on admin access
  • Invest in web protection, email protection, mobile device management, password management etc.

If there is one thing that 2017 should have taught us, it is that attacks are becoming more complex, more advanced and can happen to anyone. Opening the dialogue and empowering our peers to educate and plan accordingly is not only the best course of action – it is possibly the only one!
