How cybercriminals adapt their methods during cyberattacks
on 23 Mar, 2018
Cybercrime has evolved into an entire industry. As the internet expands, people are using more apps, users are storing more data in more places, and more people can access that data. Therefore, there are more places to sell it. Cybercrime and espionage now cost the global economy more than £319 billion annually. And that cost is only expected to rise as cybercriminals change their tactics to become harder to detect and more effective at stealing your data.
Just take the recent May 2017 WannaCry ransomware attack, for example. People actually thought that their files were encrypted after seeing this notification:
Over 300,000 computers were infected by the attack, causing damage to over 200,000 victims.
We’re going to look at how cybercriminals are adapting their methods during cyber attacks to steal more data. But first, let’s take a look at the severity of cyber attacks in 2017.
A Review of Cyber Attacks in 2017
2017 was a huge year for cybercriminals as the malware market boomed.
The Equifax data breach, the CCleaner malware infection, the massive Uber data hack, and more caused financial damage to businesses and individuals across the world.
Some scams even go out of their way to target specific groups of people like seniors and take advantage of them.
These hacks cause massive harm, but their attacks are difficult to predict. Even the highest levels of protection can’t always keep personal information out of the hands of cybercriminals.
According to a recent study completed by Ponemon Institute and Accenture, the total cost of cybercrime in 2017 grew by 23 percent from 2016.
Everyone is vulnerable. New CheckPoint Research found that the majority of global regions have been attacked by ransomware. In case you’re unfamiliar with ransomware, it’s a form of malicious software that threatens to block a user’s access to accounts or publish their personal information unless they pay a certain amount of money.
As you can imagine, that means huge financial losses. Hackers often target hospitals, banks, universities, law firms, businesses, organizations, and individuals.
But if we educate ourselves on how cybercriminals are changing up their efforts, we can protect ourselves to the highest degree possible.
How Cybercriminals Change Tactics
Most people don’t expect their technology to be used against them.
And once a cybercriminal has hacked your technology, there’s not much that you can do to get your stolen data back or predict the implications of the hack.
Some forms of hacking take complete control away from users.
DNS hijacking, also called DNS redirection, overrides a computer’s DNS settings so that they point to a hacker’s DNS server.
This means that hackers can take control of your entire device if you’re not careful.
That’s bad news since we use our devices, apps, and software like never before to make our lives easier.
And nothing is ever totally secure.
Engineers work to put out security patches as soon as they discover weaknesses, but they don’t always find flaws with software before it's too late.
Some of the most popular operating systems are also the most vulnerable, such as Mac OS X.
Cybercriminals take advantage of any kind of vulnerability in software to spread their malware.
We’ve known that DNS hijacking and software vulnerabilities are some of the biggest threats to online security for some time now, but cyber attacks have changed in recent years.
Hackers are more focused on stealing money, financial data, or sensitive information. And they can do it without ever leaving a trace that they bypassed security protections.
They know exactly which kinds of tactics are most successful, and they can even change their approach while in the middle of an attack.
The first thing to be aware of is how ransomware extensions are changing.
1. Changing Ransomware Extensions
Spam campaigns are becoming larger than ever, and hackers are using tons of new infection software.
Locky ransomware is currently one of the most popular kinds of ransomware, and cybercriminals are using a new extension called .lukitus to encrypt files.
This kind of ransomware is an evolved form because it’s so frequently used and so widespread.
When people see these ransomware extensions, they become worried about how they can get their data back.
But it can be difficult to figure out and trace back to which type of malware the hacker is using. It usually takes a few days before victims get any of their stolen data back, too.
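Because the extension itself keeps changing, a defender gets more mileage from watching for the behaviour than from matching a fixed list of names. The following is an added example, not part of the original article: it flags any host that renames several files to the same new extension within a short window. The log format, host names, paths and thresholds are assumptions made up for illustration.

```python
import os
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed rename audit events: "timestamp host old_path -> new_path".
EVENTS = """\
2017-08-16T09:00:01 ws-07 C:/Users/a/notes.doc -> C:/Users/a/notes.docx
2017-08-16T09:14:10 ws-12 C:/Users/b/q3.xlsx -> C:/Users/b/q3.lukitus
2017-08-16T09:14:11 ws-12 C:/Users/b/plan.docx -> C:/Users/b/plan.lukitus
2017-08-16T09:14:13 ws-12 C:/Users/b/photo.jpg -> C:/Users/b/photo.lukitus
2017-08-16T09:14:15 ws-12 C:/Users/b/tax 2016.pdf -> C:/Users/b/tax 2016.lukitus
2017-08-16T09:30:00 ws-07 C:/Users/a/draft.txt -> C:/Users/a/draft.md
"""

def parse(line):
    """Split one event line into (timestamp, host, old_path, new_path)."""
    ts, host, rest = line.split(" ", 2)
    old, new = rest.split(" -> ")
    return datetime.fromisoformat(ts), host, old, new

def ext(path):
    return os.path.splitext(path)[1].lower()

def rename_bursts(log, threshold=4, window=timedelta(seconds=60)):
    """Return (host, extension) pairs where one host changed the extension
    of at least `threshold` files to the same value inside `window`.
    Events are assumed to arrive in time order."""
    recent = defaultdict(list)      # (host, new_ext) -> recent timestamps
    alerts = []
    for line in log.strip().splitlines():
        ts, host, old, new = parse(line)
        if not ext(new) or ext(old) == ext(new):
            continue                # extension unchanged: not interesting
        key = (host, ext(new))
        times = recent[key]
        times.append(ts)
        while ts - times[0] > window:
            times.pop(0)            # drop events older than the window
        if len(times) >= threshold and key not in alerts:
            alerts.append(key)
    return alerts

if __name__ == "__main__":
    print(rename_bursts(EVENTS))
```

The check never names .lukitus, so it keeps working when the next campaign switches to a different extension.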
Ransomware isn’t the only thing changing, though. So is malware.
2. Changing the Type of Malware
Petya is another ransomware outbreak that is similar to WannaCry.
Petya is fast-spreading, and it changes the type of malware used from ransomware to wiper.
It’s called a wiper for a reason - it’s meant to wipe people of any and all data available by destroying it. Hackers use wipers to get the most money from a hack.
These kinds of malware “cocktails” have a high rate of success.
In the past, attackers have used GootKit and Godzilla to collect and steal financial information from victims right from the interface.
These banking trojans can also include other forms of rootkits or worms that can take every piece of data on your computer.
And since it’s connected to your bank account, the cost can be catastrophic.
3. Advanced Spoofing and Spambots
Spoofing attacks are now more difficult to identify than ever. Cybercriminals are becoming increasingly good at executing spoofing emails.
During email spoofing, hackers disguise a fake email to look as identical to an original, legitimate one as possible.
Cybercriminals then send the email, making readers think that it’s a real one from a real sender.
They usually hide a link within the email that steals data when a recipient clicks it. Unless you’re trained to know how to spot an imitation email for the real thing, you’ll probably never suspect anything.
During a recent Locky spam campaign, attackers used spoofing tactics to spoof Dropbox.
Here’s what the spoofed emails looked like:
Looks pretty legitimate, right? That’s because hackers are getting increasingly good at impersonating legitimate businesses, companies, and websites.
Because of this, hackers are compromising more and more of users’ data.
Filtering these kinds of threats has become (and will continue to become) increasingly difficult.
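The signs that give a spoofed email away can be checked mechanically. The following is an added example, not part of the original article: it looks at a message for a brand name in the display name that does not match the sending domain, for failed SPF/DKIM/DMARC results, and for link text that shows one site while pointing to another. The sample message, its domains and the function names are made up for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not from the article): the display name says Dropbox,
# but the sending domain, the auth results and the link target disagree.
SAMPLE = """\
From: Dropbox <no-reply@dropbox.example-mailer.test>
To: user@example.org
Subject: Please verify your email address
Authentication-Results: mx.example.org; spf=fail; dkim=none; dmarc=fail
Content-Type: text/html

<p>Hi, please verify your email:</p>
<a href="http://files.example-mailer.test/verify.php">https://www.dropbox.com/verify</a>
"""

LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def host(url):
    """Lower-cased host part of a URL or of URL-looking link text."""
    m = re.match(r"(?:https?://)?([^/:\s]+)", url.strip(), re.I)
    return m.group(1).lower() if m else ""

def under(domain, hostname):
    """True if hostname is the domain itself or one of its subdomains."""
    return hostname == domain or hostname.endswith("." + domain)

def spoof_indicators(raw, brand, brand_domain):
    msg = message_from_string(raw)
    findings = []
    # 1. Display name claims the brand but the address is on another domain.
    name, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    if brand.lower() in name.lower() and not under(brand_domain, from_domain):
        findings.append("display-name-mismatch")
    # 2. SPF/DKIM/DMARC results; trust this header only when your own
    #    receiving mail server added it.
    auth = msg.get("Authentication-Results", "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if not m or m.group(1) != "pass":
            findings.append(f"{mech}-not-pass")
    # 3. Link text that looks like one host while the href goes to another.
    for href, text in LINK_RE.findall(msg.get_payload()):
        shown = host(re.sub(r"<[^>]+>", "", text))
        if "." in shown and host(href) != shown:
            findings.append("link-text-mismatch")
    return findings
```

Calling `spoof_indicators(SAMPLE, "Dropbox", "dropbox.com")` returns all five findings for the constructed message; a message that really comes from the brand's domain with passing results returns an empty list.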
Spam emails might seem like a thing of the past as spam filters become better at doing their jobs.
But over 700 million email addresses and passwords were leaked online in 2017, making it the largest data dump ever.
The addresses and passwords were leaked thanks to - you guessed it - spam emails.
That’s why it’s important to be careful with emails that might still make it into your inbox and slip past a spam filter. If you see a notification like this, delete the email immediately.
Our inboxes are more vulnerable than ever, but what about data that has already been leaked?
4. Using Already-Leaked Data
2017 was a catastrophic year for data breaches.
The Equifax breach is a perfect example. It impacted at least 143 million consumers.
These 143 million people might have had their sensitive information exposed.
This wasn’t the largest data breach in history, but it might have been the worst one because of the kind of data that was stolen, such as Social Security numbers.
During this attack, cybercriminals took advantage of a security update that Equifax never installed.
Once hackers steal this information, it can be hard to know what they’ll do with it.
That’s why it’s important to check to see if you were affected. Visit Equifax’s website, www.equifaxsecurity2017.com, to find out if your data was stolen.
Keep an eye on your credit score with a free credit checking tool like Credit Karma to make sure that your identity hasn’t been stolen.
5. Targeting Devices When Not in Use (IoT)
Some devices are more vulnerable than usual because they have no built-in security and no way to install patches.
That’s the problem with internet of things (IoT) devices like wearable tech or Amazon’s Echo. And their use is only increasing in popularity.
According to Business Insider, 22.5 billion devices will be connected to the internet by 2021.
That’s 22.5 billion chances for hackers to compromise privacy and steal data.
Self-driving cars are already on the roads, and there will be at least 10 million of them by 2020.
These are a perfect example of IoT devices. They have tons of sensors and computers designed to reduce accidents caused by the mistakes humans make while driving.
These cars will have the capability to be patched, but they aren’t safe from being hacked. Imagine a world where a cybercriminal could control your car.
They could lock you out of your car, change your speed, and even change where you’re traveling to.
Last year, a Distributed Denial of Service (DDoS) attack brought down the DNS service through IoT devices like baby monitors.
The security implications of these devices are still largely unknown, but research is being done to uncover how people can protect themselves from an IoT hack.
Even when devices are out of use, hackers can still use them to get into certain networks.
Luckily, there are a few ways you can protect your data.
How to Protect Yourself From Attacks
IoT devices are on the rise because they make life easier. That means that you can’t truly avoid them forever. Thankfully, there are several ways you can avoid being hacked.
Above all else, as cybercriminals become more sophisticated, businesses and individuals need to focus on installing software patches as soon as they’re available.
This is the easiest, most basic form of defence.
- Keep all of your software up to date on every device you own and install software updates as soon as they become available.
- Only use unique passwords with the help of a password management program that can store all of your passwords in one secure location.
  - LastPass and Zoho Vault are great options.
  - According to LifeHacker, all of your passwords should be at least 12 characters long.
  - Avoid using names, locations, or regular words within them.
  - Add in punctuation, an altered spelling, capitalization, or numbers to make your passwords even stronger.
  - Include symbols, such as the following: @#$%.
- Back up your data in a cloud system and with an external hard drive so that you can recover your data if it is ever stolen.
- Finally, be sure to use an antivirus program on all of your devices along with cybersecurity software.
Cyber attacks are on the rise - fast. 2017 had some of the worst and largest security hacks and data breaches the world has ever seen.
The cybercriminal industry is worth hundreds of billions of dollars.
Cybercriminals are getting better at their attacks because of how they’re adapting their methods.
They can alter ransomware extensions right in the middle of an attack or change the type of malware being used to wipe tons of data from you in a short amount of time.
By combining several types of malware, they can create a malware cocktail that’s impossible to stop.
Advanced spoofing emails and spambots make it harder to tell a spammer apart from a real organization, company, business, or even a bank.
Hackers are also using data that has already been leaked to commit cybercrimes, so it’s important to check whether or not your data was leaked in large data breaches like the Equifax breach of 2017.
Cybercriminals are also targeting IoT devices like baby monitors when they’re not in use. Only use IoT devices if you absolutely have to.
The convenience isn’t worth the cost until better security solutions are introduced to the IoT market.
The easiest thing you can do is install security updates as soon as they come out. Don’t wait.
Never use the same password for multiple accounts, and use a password manager.
Finally, always use antivirus protection on every device you own.