Emma Okonji
A UK-based research firm, SophosLabs has launched its 2019 Threat Report on cybersecurity, providing insights into emerging and evolving cybersecurity trends.
The report, produced by SophosLabs researchers, explored changes in the threat landscape over the past 12 months, uncovering trends and how they are expected to impact cybersecurity in 2019.
Speaking on the SophosLabs report, the Chief Technical Officer (CTO) of Sophos, Joe Levy, said: “The threat landscape is undoubtedly evolving; less skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and we will eventually be left with fewer, but smarter and stronger adversaries.
“These new cybercriminals are effectively a cross-breed of the once esoteric, targeted attacker, and the pedestrian purveyor of off-the-shelf malware, using manual hacking techniques, not for espionage or sabotage, but to maintain their dishonorable income streams.”
The SophosLabs 2019 Threat Report, which focused on key cybercriminal behaviours and attacks, revealed that capitalist cybercriminals were turning to targeted ransomware attacks that are premeditated and reaping millions of dollars in ransom.
The report said 2018 saw the advancement of hand-delivered, targeted ransomware attacks that were earning cybercriminals millions of dollars.
These attacks were said to be different than ‘spray and pray’ style attacks that are automatically distributed through millions of emails.
Targeted ransomware is more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so the ransom must be paid, the report said.
This “interactive attack style,” where adversaries manually maneuver through a network step-by-step, is now increasing in popularity. Sophos experts believe the financial success of SamSam, BitPaymer and Dharma to inspire copycat attacks and expect more to happen in 2019, the report said.
It further explained that cybercriminals are using readily available windows systems administration tools, adding that this year’s report uncovers a shift in threat execution, as more mainstream attackers now employ Advanced Persistent Threat (APT) techniques to use readily available Information Technology (IT) tools as their route to advance through a system and complete their mission, whether it’s to steal sensitive information off the server or drop ransomware.
The report further revealed that cybercriminals were utilising essential or built-in Windows IT admin tools, including Powershell files and Windows Scripting executables, to deploy malware attacks on users.
“Cybercriminals are playing Digital Dominos by chaining together a sequence of different script types that execute an attack at the end of the event series.
“Hackers can instigate a chain reaction before IT managers detect a threat is operational on the network, and once they break in it becomes difficult to stop the payload from executing,” the report stressed.
According to the report, cybercriminals have adopted newer Office exploits to lure in victims, and Office exploits have long been an attack vector, but recently cybercriminals have cut loose old Office document exploits in favour of newer ones.
With the continued threat of mobile and IoT malware, Malware’s impact extends beyond the organisation’s infrastructure as we see the threat from mobile malware grow apace. With illegal Android apps on the increase, 2018 has seen an increased focus in malware being pushed to phones, tablets and other IoT devices, Levy said.
The Central Bank of Nigeria (CBN) recently revealed that commercial banks in the country lost a total of N12.06 billion to fraud and forgeries in the first six months of 2018.
The CBN disclosed this in its ‘Draft 2018 Half Year Economic Report’ that was released recently. According to the report, there were 20,768 reported cases of fraud and forgery (attempted and successful), valued at N19.77 billion in the review period, compared with 16,762 cases, involving N5.52 billion and US$ 0.12 million in the corresponding period of 2017.
“The actual loss by banks to fraud and forgery, however, amounted to N12.06 billion, compared with the N0.78 billion and US$0.03 million, suffered in the first half of 2017.
“The reported fraud and forgery incidences were perpetrated by both bank staff and non-bank culprits. The cases involved armed robbery attacks, fraudulent ATM withdrawals, draft defalcation, illegal funds transfer, pilfering of cash, stealing, suppression and conversion of customers’ deposits,” it had explained.
