The emerging threat landscape – July 2022
Cyber criminals continue to employ new and innovative techniques to take advantage of security vulnerabilities and unfortunately, of people. In this article, we’ll take a brief look at the threat landscape and how criminals are leveraging their way into your data.
As predicted, phishing attempts remain the primary route in for criminals, accounting for around 94% of cyber-attacks. Around 90% of data breaches are traced back to phishing emails and each day, around 3.4 billion phishing emails are sent globally. This isn’t really anything new or unexpected. The difference is in the sophistication of the emails and the way in which they are deployed.
Email security software is being deployed on networks to detect malicious links and harmful attachments so the criminals themselves must shift left to move forward. As spam filters are scanning emails for malicious links, criminals simply overload the email with benign links, masking the nefarious culprit. Alternately, links and attachments are simply being removed altogether as criminals adopt linguistic methods to take advantage of world events - and your own good nature. There's been a noted rise in fake appeals for help to global humanitarian crises, with the malicious emails only containing account details. These are extremely difficult for your security software to detect.
Working from home has had a profound impact on the way we work but has also affected how criminals look to exploit us.
There has been an exponential rise in sextortion emails seen this year, with some sources quoting a rise in numbers exceeding 330%. Threat actors have identified that when people are more isolated working from home, they tend to become a little lonelier. Or perhaps you are more likely to interact these emails from the security of your own home instead of the workplace (unless you work in the house of commons, of course)?
Arguably one of the most alarming developments in the year to date is the upward trend of Crime As A Service (CaaS). Exploitation kits are available to purchase on the dark web as easily as buying your groceries from your favourite online store. Websites designed to look and feel as good as any other online re-seller. They’re by no means seedy looking either and often go as far as having dedicated customer support helplines and live technical assistance. You can purchase phishing campaigns with email templates and landing pages, data lists and even zero-day exploits.
Apart from phishing attacks, threat actors are still targeting applications as a way into your organisation and crypto jacking continues to see an upward trend.
Keeping up with the bad guys is not easy. Unfortunately, security often takes a backseat to development. We’re inventing, deploying and embracing new technologies faster than we can figure out how to protect them. If we were as organised as the criminals we’d have no concerns, but sadly that just isn’t the case.
You have to combine URL protection, content sanitization, domain-based message authentication, reporting and conformance (DMARC), spam filtering and of course, user awareness training to stand any chance of protecting your eco-system.