Sextortion, Mobile Malware Lead Check Point's Cyberattack Trends List
We break down seven scary trends that leave you and your business at risk.
As the use of mobile banking applications increases, it’s not surprising that cybercriminals are turning their attack vectors toward this platform, Finkelshtein said.
“It is that simple – they follow the trends,” he said. “The question is why it took them so long?! It takes time to adjust to new technologies.”
As use of banks' mobile applications grows, malware capable of stealing payment data, credentials and funds from victims' bank accounts has moved over from the general threat landscape and become a very common mobile threat, too, according to the report. The method used to distribute banking malware also has been borrowed from the general threat landscape: malware builders available for purchase in underground forums. The builders of mobile bankers, such as Asacub and Anubis, allow anyone willing to pay to create new versions of this malware, ready for massive distribution.
Still highly visible, cryptominers are on the decline this year: only 21% of organizations globally were affected by cryptominer attacks, compared to 42% during their peak in 2018, according to the report. The decline followed the shutdown of the CoinHive drive-by mining service.
Throughout the first half of 2019, 90% of the attacks observed used vulnerabilities registered in 2017 and earlier, and more than 20% of attacks used vulnerabilities that are at least seven years old, according to the report.
Organizations should do a better risk assessment to gain a better understanding of their weaknesses, Finkelshtein said.
“In some cases the entire network is protected, but once they allow BYOD culture for example, they expose their network to some new threats,” he said. “But usually the weaknesses are much more fundamental – unprotected cloud assets or just vulnerable mobile devices. Cybercriminals work to spot these holes to exploit.”
Software supply-chain attacks attracted public and government attention. In such attacks, threat actors inject malicious code into components of legitimate applications, victimizing a large number of unsuspecting users, according to Check Point. The accumulation of several cases since the beginning of the year led the U.S. government to devote special attention to this evolving threat; it will soon publish official recommendations on ways to minimize the impact of such attacks.
The growing popularity of public cloud environments has led to an increase in cyberattacks targeting resources and sensitive data residing within these platforms. Following the 2018 trend, practices such as misconfiguration and poor management of cloud resources remained the most prominent threat to the cloud ecosystem in 2019 and, as a result, subjected cloud assets to a wide array of attacks. This year, misconfiguring cloud environments was one of the main causes of a vast number of data-theft incidents experienced by organizations globally.
Determined to convince victims of their credibility, sextortion scammers this year did everything possible to make their victims worried enough to pay up and avoid the publication of the alleged sexual materials, according to the report. This mainly includes providing as evidence the victim's personal credentials, which were usually leaked in previous data breaches or purchased in underground forums.
Other tactics, mainly common in business email compromise (BEC) attacks, are domain and display-name spoofing, as well as sending the emails from valid high-reputation entities such as compromised Microsoft Office 365 or Gmail accounts. In April, one sextortion campaign went as far as pretending to be from the CIA and warned victims they were suspected of distributing and storing child pornography, while demanding $10,000 in Bitcoin.
One of the dominating ongoing trends in 2019 is targeted ransomware attacks. This year, collaborations between threat actors allowed even more destructive attacks that paralyzed numerous organizations globally, according to Check Point. What ends with a ransomware attack usually starts with a more silent sequence of bot infections.
“This report is evidence of our ability to identify trends and pinpoint changes in the threat landscape,” Finkelshtein said. “We do that using intelligence sources and [a] vast amount of data. Fighting cybercrime is a complex process, but without a doubt, making it less profitable by implementing the best security for your network is the most important part.”
Cybercriminals continue to have the upper hand, as the first half of 2019 showed no environment is immune to cyberattacks.
Check Point Software Technologies' "Cyber Attack Trends: 2019 Mid-Year Report" reveals a 50 percent increase in attacks from 2018. Threat actors continue to develop new tool sets and techniques, targeting corporate assets stored on cloud infrastructure, individuals' mobile devices, third-party supplier applications and even popular email platforms.
Lotem Finkelshtein, Check Point’s group manager of products and R&D, tells us the most important takeaway from this report is that MSSPs and cybersecurity providers must stay agile.
“The dynamic nature of the threat landscape requires a constant adjustment of the security practices we apply,” he said. “Hence, firewall is good, but definitely not enough to protect against the ever-evolving threats. More advanced security measures are required to face the different attack vectors.”
The most surprising finding is that threat actors adjust their tools and attack vectors to emerging technologies, Finkelshtein said.
“We see them introducing tools and methods tailored to cloud environments, we see them with new mobile malware, and of course gear up to evade AI security products,” he said.
Scroll through our slideshow above for the biggest trends highlighted in this report.