Cyber-attack strategies have been evolving continuously. As of 2020, attackers are using advanced techniques against the latest security systems.
Although modern attack designs have become extremely clever and powerful, statistics show that 99% of email threats succeed because of human error on the victim's part.
In other words, 99% of these infections can be prevented simply by learning about the attack methods and responding with proper measures.
In this article, we review the most active threats of 2020 so that you can be aware of them and prepare proper measures.
Ransomware is a type of malware whose name merges the two terms "ransom" and "malware". As the name indicates, ransomware is designed to demand payment from the user by using encryption to block access to infected computers.
The block it enforces is extremely flexible: it can target a single file, the operating system, or the entire hard drive. The encryption usually cannot be broken without the password managed by the attacker.
Ransomware became publicly acknowledged around 2017 because of the global cyber-attack led by the ransomware named WannaCry. Although security measures against WannaCry have been widely publicized, many ransomware incidents are still reported.
Because the ultimate goal of ransomware is to collect ransom revenue from victims, recent statistics show that the main targets are shifting toward corporations and governmental facilities.
The main infection routes are known to be malicious websites, infected USB devices, and phishing emails. Many incident reports note that the ransom demand does not occur immediately after infection; instead, it is triggered after a certain time. This means that ransomware can be controlled remotely by the hacker.
Emotet may sound like a harmless creature or some Egyptian emperor, but the actual entity is extremely dangerous. Emotet is a type of **banking Trojan** that specializes in stealing credit accounts and financial access credentials while attacking associated computers.
This malware was discovered in 2014 attacking global organizations by sending emails disguised as bank transactions and order confirmations to lure users into opening a malicious web page.
A new version of Emotet with extremely powerful features was found in 2015. The most impactful feature was the module add-on loader, which can contact a Command and Control (C&C) server to download modules that perform DDoS attacks, hack email accounts, and spread spam email.
In short, Emotet can hack the host's email application to extract its list of contacts and send out impersonated spam emails in an attempt to spread itself further. Spam email created by Emotet reuses the content of previously sent emails, which makes it very difficult for the recipient to be suspicious.
By 2018, the U.S. Department of Homeland Security considered Emotet highly dangerous malware and issued a nationwide alert.
Spear Phishing Attacks
While phishing attacks have been a major threat over the years, a phishing technique called spear phishing has recently become one of the biggest issues. Spear phishing is used when an attacker targets a specific organization or specific confidential data with a dedicated plan.
A recent report shows that 32% of all data breaches are initiated by phishing attacks. Furthermore, the average financial damage caused by a data breach resulting from a phishing attack is $3.92 million.
The most common way of performing a spear phishing attack is by sending phishing emails. The attacker composes multiple emails with details specific to the target by gathering information about business partners, financial keywords, and associated services.
As an example, a spear phishing email may contain past transaction details with a legitimate logo and service address, asking for confirmation through an attached link. The linked web page might look identical to a familiar website to trick you into submitting information or downloading a malicious file.
To avoid harm from phishing attacks, it is important to protect yourself by understanding the characteristics of phishing.
- Check for misspelled words, awkward sentences, and grammar mistakes.
- Be aware of Social Engineering techniques.
- Ask for opinions before taking action.
- Do not access links or open attached files, even for emails from a familiar person.
- Install Antimalware software.
Keep your phishing knowledge sharp and prevent infection from the very first step.
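The link check described above can be partly automated. The following Python code is an added example, not part of the original article: it lists links in an HTML email body whose real target differs from the domain the message displays, or whose host merely embeds a trusted brand name. The `TRUSTED` allow-list, the function names, and all domains in the sample are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"examplebank.example"}  # constructed allow-list (assumption)

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):  # lower-cased hostname of a URL or bare domain, '' if none
    try:
        return (urlsplit(value if "://" in value else "http://" + value).hostname or "").lower()
    except ValueError:
        return ""

def registrable(host):  # naive last two labels; real code should use the Public Suffix List
    return ".".join(host.split(".")[-2:])

def suspicious_links(html_body):
    """Return (href, reason) for links whose real target differs from what the mail shows."""
    parser = LinkCollector()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        target = host_of(href)
        shown = re.search(r"(?:https?://)?[a-z0-9-]+(?:\.[a-z0-9-]+)+", text, re.I)
        if shown and registrable(host_of(shown.group(0))) != registrable(target):
            findings.append((href, "visible text names a different domain"))
        elif registrable(target) not in TRUSTED and any(
                t.split(".")[0] in target for t in TRUSTED):
            findings.append((href, "trusted brand name inside an untrusted host"))
    return findings

# Constructed sample email body; every host uses a reserved test TLD.
SAMPLE = """<a href="http://examplebank.example.verify-login.test/login">www.examplebank.example</a>
<a href="https://examplebank-secure.test/confirm">Confirm now</a>
<a href="https://www.examplebank.example/statements">www.examplebank.example</a>"""
```

Calling `suspicious_links(SAMPLE)` flags the first two links and leaves the genuine third one alone. A clean result does not prove an email is safe, since a compromised legitimate site passes both checks.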
The Internet of Things has become popular in recent years in service fields such as medical treatment, self-driving cars, and agriculture. With the arrival of the 5G network era in particular, the IoT movement is accelerating more than ever.
On the other hand, security concerns related to IoT devices and services keep rising where proper measures are lacking. The convenience brought by IoT innovation can turn into an equally impactful threat when exploited with criminal intent.
IoT devices are perfect botnet targets, since they are typically active and accessible all the time while not being monitored by a dedicated user. Through IoT devices, hackers have a better chance of stealing valuable information and gaining network access to the core server.
We recommend reviewing the IoT cybersecurity guideline document published by NISTIR to learn about and minimize the risk of IoT cyber-attacks.
What makes a botnet extremely dangerous is that it involves the user in criminal activities without the user noticing.
Botnet stands for ro**bot** **net**work; it is a network mesh of computers infected by a bot.
A bot is a type of malware designed to enable remote access and remote commands so that the attacker can control the machine as needed. A device or computer infected by a bot is also known as a "zombie machine" because its behavior is fully controlled.
When a computer is infected by a bot, the bot invades it by setting up a remote access environment through which the attacker sends commands via a Command and Control (C&C) server. The invasion is performed completely under the surface so that the user will not notice.
Once a computer is fully infected, the attacker exploits the computer's network and resources to prepare for criminal activities, such as sending spam emails, DDoS attacks, and cryptocurrency mining.
Finally, the mesh of bot-infected computers, defined as a botnet, is used to perform extremely powerful attacks by executing them from all bot-controlled computers at once.
The best way to prevent botnet infection is to learn the potential infection methods and apply proper security measures. Keep your computer up to date by applying OS and application updates. Also, never trust unfamiliar or malicious files, especially when attached to an email.
DDoS is an abbreviation of Distributed Denial-of-Service, a cyber-attack that aims to force a service or server to shut down by sending an overload of disruptive requests.
Although DDoS attacks have been acknowledged and studied since 2000, many similar attacks are still actively performed today. Known victim organizations include Yahoo, eBay, and E-Trade, whose online services and websites were temporarily shut down.
Recent reports describe DDoS attacks combined with botnets, which makes the attacks much more powerful and harder to trace. Organizations and web service owners are recommended to adopt server solutions that can withstand overloaded access.
We reviewed the 6 major cyber threats that users should be aware of to stay safe in 2020. The best way to protect ourselves from cyber-attacks is to understand the attack strategies and, through proper behavior, give them no chance to trigger an infection.
Maintain sharp security knowledge and enjoy using technology safely.