Ransomware Being Used as a Decoy
Ransomware attacks are now used to extort money and distract admins while attackers load other malware into their systems. This is because ransomware became so effective and common that the market got oversaturated with opportunistic cybercriminals, dropping the value of each attack. In response, cyber thugs have diversified their portfolios of attack vectors.
Today, while an organization is trying to find a solution to reclaim control of systems or their network, cybercriminals are using tools like keyloggers and Trojans to steal data or for some form of financial benefit.
Attacking Specific, Large, Powerful Organizations
Instead of flooding the internet with opportunistic malware that randomly waits for a weak device or human mistake, attackers have shifted to going after substantial companies and even governmental entities. One of their favorite tactics involves spear-phishing by focusing on stealing access credentials of a specific person they know has the permissions necessary to get into a sensitive area.
After obtaining their credentials, the attackers move laterally towards the area of the network they want to compromise. Often, these attacks occur over the course of several months—or longer—as the criminals patiently execute their strategy.
Hacking Devices to Mine Cryptocurrency
While using the processing power of user devices to mine crypto is nothing new, given the shift towards Internet of Things (IoT) devices, the danger is steadily increasing. In a typical crypto-jacking attack, the criminal will inject a user’s device with code that dedicates its resources to mining crypto. The malicious code can be installed directly on the device or via a “drive-by” download in which the malware gets installed when the user visits a certain website.
After a device has been crypto-jacked, it may heat up due to the intense processing load, incur higher electricity charges, or result in bigger internet bills as more bandwidth is consumed to mine crypto. Sometimes the device will literally meltdown due to the increased workload.
While this typically impacts individual users, organizations that use IoT devices need to prepare. IoT devices, particularly because so many often have relatively lax security policies, can be an easy target for cybercriminals looking to jack some processing power.
Automatic Malware Installations Using Software Updates
Software updates are being used to inject malware into user’s computers and the networks of organizations. Attackers may create a site or send an email that claims to be from a legitimate software provider offering an update. When the user downloads the update, malware gets installed on their computer.
An attacker may also hijack a legitimate IP address or domain and then replace the real update with one infected with malware. In this kind of attack, the user has every reason to trust the source of the download because they navigated directly to what is typically a trusted portal. However, their computer is soon compromised when they attempt to update their software.
If you know the cyberthreats popping up on the landscape, it’s easier to secure your company—before a breach happens. With Robust Networks, you get comprehensive protection from a wide variety of threats, complete with data and email security, device protection and management, intrusion prevention, penetration testing, and remote monitoring. Learn how Robust Networks can protect you from the latest cyberthreats by reaching out today.