OPINION/EDITORIAL

Cybersecurity Concerns for 2020

Posted by InvestAdvocate on

More in OPINION/EDITORIAL:

May 17, 2020

By Chris Usatenko

2020 started off with great promise but went downhill pretty fast thanks to the Coronavirus. Is everyone focusing on the wrong type of virus, though? Quite possibly. Phishers, smishers, and other cybercriminals are taking full advantage of the panic that Coronavirus creates.

In this post, we’ll look at the primary cybersecurity concerns of 2020 and how to avoid them.

Ransomware Takes a Nasty Turn

Extortion of any kind is never pretty but in 2020, ransomware is moving in a scary new direction.

In the past, the majority of ransomware attacks worked by simply encrypting your files. You could pay the ransom, or opt to start all over again.

In the COVID-19 era, ransomware is adopting a far more menacing approach. While some ransomware groups like Maze and Doppelpaymer have agreed not to attack healthcare facilities, some cybercriminals have fewer scruples.

The less scrupulous members of these communities have launched targeted attacks on healthcare facilities and government health departments. They’re able to extort higher ransoms because people’s lives are literally at risk.

What’s more, they’re introducing an interesting new twist. Cybercriminals are multi-tasking. They’re now stealing a company’s sensitive data before they encrypt all the files on the system. Companies must pay one ransom to decrypt their files.

In the past, this is where most of these attacks ended. Now, though, the cybercriminal releases some of the sensitive client information onto the dark web or the internet. They’ll contact the affected clients to ensure that companies understand how serious they are.

Companies face a double whammy. They must pay the ransom to restore access to the files, and another sum to ensure that bad actors don’t leak the client’s data.

 How to Defend Against This Threat

Start with a good anti-virus/ anti-malware / anti-ransomware program and make sure that you keep it up to date. Ramp up security even more by adding an email scanning program too.

Why email scanning?

67% of ransomware attacks in 2019 were linked to spam or phishing emails. Email scanning programs help to filter out the worst of the spam and look for signs that an email is suspicious. The emails found to be suspicious are quarantined. Naturally, these programs won’t catch every threat, but they do come close.

Phishing and Smishing Trends You Should Know

Phishing emails are typically sent to get you to hand over personal information, business information, or to get you to transfer money. Phishing emails might also have malware embedded into attachments, or direct you to a malware loaded website.

Smishing is a modern take on phishing. Instead of communicating through email, however, smishers reach out via SMS or instant messaging. The risks with phishing and smishing are the same. Smishing is, however, a newer form of cyberattack.

How To Defend Against This Threat

  • Use a good email scanning program as a safety net. Combined with vigilance, it’s your best form of protection.
  • Verify that any emails that you receive are legitimate. Look closely at the sending address. Is it the correct company name or is there a slight mistake? This might be your only clue that something’s wrong, so don’t skip this step.
  • Don’t click on a link in the email unless you’re 150% sure it’s legitimate. Even then, we’d recommend that you navigate to the appropriate site on your own.
  • Forget about spotting phishing emails through typos. Not all phishers are careless with their spelling.
  • When in doubt, pick up the phone and confirm. Do you have a message from your HR department that seems to have come out of nowhere? Then call them to check that it was a legitimate one.

Deepfakes Have a New Moment in the Sun

Deepfake technology has also evolved, particularly over the last year. Previously, deepfakes focused on spreading misinformation and creating cyber-influencers. The tech uses AI to perfectly match a person’s facial expressions and voice.

With this tech, you can appear to make anyone say anything very convincingly. It’s a lesson that a British CEO learned the hard way last year. The CEO received a phone call from his boss and was asked to transfer the equivalent of $243 000.

He duly did so, because he recognized his boss’s voice. As it turns out, it wasn’t his boss on the phone but a cybercriminal. The call came in through an unknown number, but that didn’t raise the CEO’s suspicion, because his “boss” said he was using a different phone.

Cybersecurity experts speculate that this attack was a new form of deepfake attack. They speculate that the cybercriminals used AI to replicate the boss’s voice pretty much perfectly. The CEO’s suspicions weren’t raised at all until the criminals tried to get him to perform a second transfer.

Embarrassing as he must have found it, the CEO doesn’t take all the blame here. This was the first recorded instance of deepfake technology being used in this manner. Considering the success of the enterprise, it won’t be the last.

How to Defend Against This Threat

First the bad news. While companies are working on technology to identify deepfake videos, we’ve yet to see tech that can defend against the type of attack perpetrated against the CEO. Monitoring emails is one thing, but how do you confirm that an incoming call is a legitimate upfront?

Your best option here as a company is to work on the basis that seeing is no longer believing. With deepfake technology, it’s conceivable that phishers might take this form of attack up a few notches. Imagine a quick video instruction from your boss coming through to your phone.

It’ll look like them, and sound like them too. You’ll have a hard time picking up that the call isn’t real. That’s where it becomes important for companies to properly verify instructions. Companies might, for example, work keywords or phrases into instructions to verify that they’re legitimate. If the keyword isn’t used, it’s a clear indication that the message is a fake.

Final Notes

To sum things up, cybercriminals are increasingly looking for ways to get more mileage from their existing techniques. They’re starting to multitask more effectively, and also coming up with clever new strategies to get what they want.

Our best hope in defeating them is to be hyper-vigilant and to act a little paranoid. After all, it’s not really paranoia when someone is out to get you, and cybercriminals are always looking for tasty targets.

This article was contributed by Chris Usatenko, Blogger he can be reached via chris@securitymedia.org

Leave a Comment

Your email address will not be published. Required fields are marked *

*