2020 was a prosperous year for cybercriminals.
The number of phishing emails and social engineering scams that use the COVID-19 pandemic as a topic represents the single largest thematic series of cybercrime attacks ever. Furthermore, cyberattacks grew 400% compared to the previous year, according to the Cyber Threat Intelligence League, a collective of over 1400 cyber security professionals and government experts from 40 countries.
The ever-growing rate of cybercrime has prompted nationwide activity here in Australia. The Cyber Security Advisory Committee now considers ransomware one of the most serious growing threats to Australian businesses, and the Australian Cyber Security Centre (ACSC) has released a new version of the Essential Eight Maturity Model.
This goes to show how important awareness is becoming in the modern business world. The degree to which you understand cybercrime attack vectors will directly inform the effectiveness of your cyber security processes.
What can you do to stay ahead of emerging threats? Your best course of action is to learn everything you can about what they are and how they work.
The more you know about the threats your business faces, the better prepared you’ll be to identify attacks in progress and prevent them from causing damage. The biggest threats you need to know about are ransomware and phishing, as well as the evolving way in which cybercriminals execute their attacks.
Social Engineering Remains The Primary Source of Breaches
Social engineering uses manipulation and deception to target a specific individual with the goal of getting them to give up sensitive information, or complete a task that benefits the hacker's end goal.
Using email tactics similar to those used to spread ransomware, social engineering is the primary way that hackers influence unsuspecting users to do things they normally wouldn’t do. Phishing and Business Email Compromise (BEC) are the two major ways that social engineering is used to target victims.
Phishing is a fraudulent attempt to obtain sensitive information like login credentials or credit card numbers by impersonating trustworthy figures, like companies and other users. Since the start of this year, Google has registered 2,145,013 phishing sites, a drastic increase from 1,690,000 the year before.
BEC takes it one step further, targeting known users and prompting them to take action, like wiring money to bank accounts or buying gift cards and sending them to a hacker. In both cases, the cybercriminals exploit the naivety and ignorance of a person to get them to do something they might not normally do.
Spear phishing is an enhanced version of these exploitation methods. The hackers take the time to gather detailed information about their victims, then target specific people with detailed requests containing information that only a knowledgeable person might have. This causes the targeted people to lower their guard and leads to much better results for the attacker.
The Changing Nature Of Ransomware
Ransomware is a type of malware or trojan that infects a network and blocks access to the data stored on it by encrypting all the files in a way that is difficult, if not impossible, to decrypt. The hackers who deploy the malware agree to provide a unique decryption key in exchange for a payment, usually in Bitcoin or some other cryptocurrency, making tracing and prosecuting the hackers difficult.
The malware is mostly spread using emails with embedded links that are sent out en masse to thousands if not millions of email addresses that can be readily obtained at low prices on the Dark Web. The hackers assume that at least some of those emails will be opened and some of the links clicked, downloading malware to the unsuspecting user’s PC and starting the encryption process. Overall, it is a very easy process to manage, and the rewards are exponentially higher than the cost.
In recent years, Australian businesses have become popular targets for ransomware attacks, resulting in a range of attacks on smaller organisations in 2020:
Cybercriminals Are Becoming More Patient
Starting around 2018, hackers discovered that it was relatively easy to penetrate an organisation’s network and remain undetected. Rather than immediately deploy a ransomware trojan and begin infecting files, the hackers watched silently as the firm went about its day-to-day business.
Because they had unfettered access to the network and all the information stored there, the hackers learned details about the organisation and all the people who worked there, which allowed them to do additional damage, including accessing bank accounts, confidential documents, and emails. They would start copying this data from the network to their servers, a process known as exfiltration, until they had all the data they wanted.
Some documented incidents found that hackers were roaming the network for up to 12 to 18 months before launching their primary attack. The primary attack comes once the threat actors have exfiltrated all the data they need and are ready to hold the organisation hostage: they launch the encryption payload that has been sitting dormant on the network for weeks if not months.
Once the files are encrypted, and the organisation is locked out of the data, the hackers demand a ransom. In Australia alone, there has been a 60% increase in ransomware attacks in the past year, and Telstra estimates that cyberattacks cost the national economy $3.5 billion in 2020.
Once the ransom is paid, and the decryption key is turned over by the hackers, cybercriminals often turn around and ask for more money to prevent the release of the information they have already stolen, putting the compromised firm in a tough spot. In most cases, the regulatory fines for data breaches are so high that companies are forced to decide between paying yet another ransom or facing fines and potentially significant damage to their reputation. For hackers, getting access to the data is the new gold rush.
What’s The Key To Cyber Security In 2021?
Invest in a little expert protection – CyberUnlocked. We can put our big business cyber security expertise to work for you, implementing best practices, identifying vulnerabilities, and protecting you against the more common and dangerous cybercrime scams.